Luxottica had a catastrophic data breach incident that resulted in sensitive patient information exposure, including PII and medical data. We already know about the ransomware incident that hit the eyewear company back in September, but this occurrence apparently concerns a different incident that happened in August 2020.
As the company now admits in an announcement, someone gained unauthorized access to the company’s appointment scheduling app on August 5, 2020, while the firm’s IT teams only managed to detect and stop the attack four days later.
In the meantime, the hacker accessed and exfiltrated patient information, including the following:
As for who is affected by this security incident, that would be 829,454 patients at LensCrafters, Target Optical, EyeMed, and other eye care practices. In some cases, social security numbers (SSNs) and credit card numbers were also exposed. For this subcategory, Luxottica now offers a 2-year identity monitoring service through Kroll, with instructions on enrolling included in the notifications distributed to the affected people.
Luxottica has been circulating the notices since October 27, 2020. Still, the incident has only now been made public, following the relevant filing with the U.S. Department of Health and Human Services, as required by law. If you believe that you could have been affected but haven’t received a notice yet, you may contact Luxottica at (877) 540-1431 to clarify your specific case.
So far, the stolen data hasn’t appeared on any dark web forums or markets, so the hope is that the hackers didn’t exfiltrate the files after all. There could also be a link between this incident and the Nefilim ransomware attack that followed, with the first attack serving as the initial access step. However, there is no evidence pointing to that scenario.
Luxottica is a Milan-based eyewear maker that has managed to maintain very lucrative deals with American eye-care providers and health insurance firms. The company is the largest in this field in the world by a large margin and has previously been accused of imposing monopolistic terms and prices. Lately, the Italian company has been dealing with severe cyber-security problems that once again bring the brand into the spotlight for the wrong reasons.