To: All UNC System Employees
Subject: Important Notice: P&A Group Security Breach, Action Required for Benefits Account Holders
Dear Colleagues,
We are writing to inform you of an important security matter affecting P&A Group, the third-party administrator that manages our employee Flexible Spending Accounts (FSAs).
What Happened
Beginning in mid-May 2026, P&A Group experienced a significant system infrastructure disruption that has impacted their website, online portals, call center, email servers, and claims processing systems. The North Carolina Office of State Human Resources (OSHR) has officially characterized this incident as a website security breach, and has issued the following advisory to all NCFlex participants:
“NCFlex benefits provider P&A Group recently experienced a website security breach. Please do not make changes to any accounts through P&A Group, via the web or phone, until further notice. Remember to be cyber smart — always protect your credentials and never give out information to unknown callers or text messages.”
What This Means for You
If you are enrolled in any benefits plan administered by P&A Group, including either a Heath Care FSA or Dependent Day Care FSA, , please be aware of the following:
- Do not log into your P&A Group account or make any account changes via the web or phone until further notice. This precaution is in place to protect your personal information while the breach investigation is ongoing.
- Do not provide any personal information via phone or text to anyone purporting to be from NCFlex or P&A Admin. Based on the limited information shared, we do not recommend any contact with P&A Group under any circumstances as we do not know what level of breach they have or what services are compromised.
- Your account funds are reported to be secure. P&A Group has stated that their banking partners were not impacted by the disruption. We cannot validate this information, so please be vigilant.
- Your P&A Benefits debit card remains active and can continue to be used for eligible plan expenses if you have an available balance, but we do not recommend accessing any mobile or web-based applications to check balances, etc.
What You Should Do Now
Given that P&A Group holds sensitive personal information, including Social Security Numbers, health account data, and banking details, we strongly encourage all affected employees to take the following precautionary steps:
-
- Monitor your financial accounts and credit reports for any unusual activity. You are entitled to a free credit report from each of the three major bureaus at AnnualCreditReport.com.
- Be alert to phishing attempts. Do not respond to unsolicited calls, emails, or text messages claiming to be from P&A Group asking for your personal information or login credentials.
- Do not click on suspicious links purporting to be from P&A Group until the situation is fully resolved.
- Document any failed attempts to access your account or contact P&A Group, in case this information is needed for future claims or legal purposes.
Current Status
The UNC System and OSHR are actively monitoring the situation and will provide further updates as they become available.
Questions?
If you have questions about your benefits accounts or need assistance, please contact the NCFlex administration team within State of NC OSHR.
We understand this situation is disruptive and we appreciate your patience. The security of your personal information is a priority, and we will continue to keep you informed as this matter develops.