AEAG A.I CyberSecurity Scoring
AEAG
Company Information
Website:http://www.andovereye.org
Employees number:3
Number of followers:0
NAICS:621
Industry Type:Medical Practices
Homepage:andovereye.org
AEAG Risk Score (AI oriented)
Between 650 and 699
AEAGMedical Practices
Updated:
01/04/2026
01/04/2026
693/1000
Weak
B
AEAG Global Score (TPRM)
xxxx
AEAGMedical Practices
Score locked

AEAGWeak
Current Score
693B (WEAK)
01000
2 incidents
-61 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
700
JUNE 2026
699
MAY 2026
696
APRIL 2026
695
MARCH 2026
692
FEBRUARY 2026
691
JANUARY 2026
689
DECEMBER 2025
687
NOVEMBER 2025
685
OCTOBER 2025
744
Breach
27 Oct 2025 • AEAG
Andover Eye Associates: CareOregon and Health Share of Oregon Warn of Potential Insurance Fraud After Data Breach
CareOregon and Health Share of Oregon Warn of Potential Insurance Fraud After Data Breach; Andover Eye Associates Email Breach
683
CRITICAL-61
AND1768217112
Oregon Health Plans and Massachusetts Eye Clinic Report Separate Data Breaches Linked to Potential Fraud
Two healthcare organizations CareOregon and Health Share of Oregon, along with Andover Eye Associates in Massachusetts have disclosed data breaches involving unauthorized access to patient information, with potential ties to insurance fraud.
### CareOregon and Health Share of Oregon
On October 27, 2025, the Oregon-based health plans discovered unauthorized access to protected health information (PHI) of an undisclosed number of patients. The breach exposed names, dates of birth, health plan details, Medicaid/Medicare numbers, and primary care provider information, though Social Security numbers and financial data were not accessed.
While the notice did not specify whether the breach was internal or external, the organizations warned of possible fraudulent insurance claims using the compromised data. Affected individuals were advised to review any unexpected billing notices, as legitimate claims would not result in out-of-pocket charges. Law enforcement was notified, and security measures including staff retraining and access restrictions were implemented to prevent further incidents. No breach report has been filed with the HHS Office for Civil Rights as of yet.
### Andover Eye Associates
Separately, Andover Eye Associates detected suspicious activity in two employee email accounts on June 10, 2025, later confirming that an unauthorized third party accessed them on May 28, 2025. The breach affected 1,638 patients, exposing names and Social Security numbers.
Following an investigation, the clinic mailed notifications on November 4, 2025, offering 12 months of complimentary credit monitoring to impacted individuals. Additional security measures, including enhanced email safeguards and staff training, were put in place to mitigate future risks.
Both incidents highlight ongoing vulnerabilities in healthcare data security, with potential consequences for patient privacy and fraud exposure.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
SEPTEMBER 2025
743
AUGUST 2025
742
MAY 2025
793
Breach
28 May 2025 • AEAG
Andover Eye Associates: Andover Eye Associates Data Breach Impacts Hundreds
Andover Eye Associates Data Breach
739
CRITICAL-54
AND1767376038
Andover Eye Associates Reports Data Breach Affecting Thousands, Including 237 New Hampshire Residents
Andover Eye Associates, a multi-specialty ophthalmic practice based in Andover, Massachusetts, disclosed a data breach on December 31, 2025, impacting potentially thousands of individuals across the U.S., with at least 237 confirmed cases in New Hampshire. The breach involved unauthorized access to sensitive personal information, including names and Social Security numbers—key details that heighten the risk of identity theft.
The incident came to light on June 10, 2025, when the organization detected suspicious activity in two employee email accounts. An investigation revealed that an unauthorized actor had accessed at least one of the accounts as early as May 28, 2025. By November 4, 2025, the company confirmed the exposure of personally identifiable information (PII). While the exact attack method remains undisclosed, the compromise of Social Security numbers underscores the severity of the breach.
Andover Eye Associates reported the incident to the New Hampshire Attorney General’s office and began notifying affected individuals via mail. In response, the organization has enhanced its cybersecurity measures and is offering one year of credit monitoring services through Epiq Global to impacted parties. No further details on the breach’s origin or the number of total affected individuals have been publicly released.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for AEAG ??
What was AEAG's A.I Rankiteo Cyber Score in June 2026 ??
What was AEAG's A.I Rankiteo Cyber Score in May 2026 ??
What was AEAG's A.I Rankiteo Cyber Score in April 2026 ??
What was AEAG's A.I Rankiteo Cyber Score in March 2026 ??
What was AEAG's A.I Rankiteo Cyber Score in February 2026 ??
What was AEAG's A.I Rankiteo Cyber Score in January 2026 ??
What was AEAG's A.I Rankiteo Cyber Score in December 2025 ??
What was AEAG's A.I Rankiteo Cyber Score in November 2025 ??
What was AEAG's A.I Rankiteo Cyber Score in October 2025 ??
What was AEAG's A.I Rankiteo Cyber Score in September 2025 ??
What was AEAG's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on AEAG's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with AEAG ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view AEAG's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?