90 Degree Benefits

90 Degree Benefits, also known as 90° Benefits, is an employee benefits firm headquartered in Wisconsin, United States of America. The organisation provides benefits administration services to employers and their employees. Its core offerings include managing health‑related benefits and associated personal data. As part of its services, the company handles protected health information such as names, addresses, Social Security numbers, health insurance details, medical records, diagnoses, treatment dates, and billing information. This focus on employee benefits places it within the broader healthcare services sector.

The organisation’s known cybersecurity incidents reveal the scale of data it manages. In February 2023, a second large‑scale hacking incident compromised protected health information of approximately 175,000 individuals via unauthorized network server access. This followed an earlier breach that affected over 172,000 people, involving similar types of personal identifiers. These incidents indicate that the firm routinely processes substantial volumes of sensitive personal data for a large population. The magnitude of the affected individuals underscores the extent of its data footprint.

90 Degree Benefits’ handling of protected health information subjects it to federal health privacy regulations, as evidenced by its notification of federal regulators after the 2023 breach. Upon detecting suspicious activity, the organisation has repeatedly suspended user access, implemented enhanced security protocols, and initiated forensic investigations. It also engages law enforcement and undertakes remediation efforts to secure its systems and prevent further unauthorized activity. These responsive actions reflect a structured approach to incident management despite recurring cybersecurity challenges. The pattern of breaches highlights ongoing external threats targeting its network infrastructure.