About 23,000 accounts have been compromised by a data breach that took place at HealthEquity when an employee fell for a phishing scam.

The incident took place on April 11 and was first noticed by the company two days later, reported healthdatamanagement.com and stems from a single staffer email account being compromised by a malicious actor. That email account has been eliminated and a forensic investigation is now underway. Health Data Management is stating no other HealthEquity systems were affected. Read more.