EssilorLuxottica
Company Details
Linkedin ID:
essilorluxottica
Website:
Employees number:
79,782
Number of followers:
1,328,942
NAICS:
30
Industry Type:
Homepage:
essilorluxottica.com
IP Addresses:
257
Company ID:
ESS_1745346
Scan Status:
Completed
EssilorLuxottica Company CyberSecurity Posture
essilorluxottica.com
We are EssilorLuxottica, a global leader in the design, manufacture and distribution of ophthalmic lenses, frames and sunglasses. Formed in 2018 by the combination of Essilor and Luxottica, our Company combines two centuries of innovation and human endeavour to elevate vision care and the consumer experience around it. We are home to the most loved and widely-recognized vision care and eyewear brands in the world. Our proprietary eyewear brands include Ray-Ban, Oakley, Costa, Vogue Eyewear, Persol and Oliver Peoples, complemented by over 20 prestigious licensed brands. Our advanced lens technologies include Varilux, Crizal, Eyezen, Stellest and Transitions. We offer superior shopping and patient experiences with a network of 18,000 stores including world-class retail brands like Sunglass Hut, LensCrafters, Salmoiraghi & Viganò and GrandVision. Every day, EssilorLuxottica’s more than 190,000 employees in 150 countries work towards a common mission to help people see more and be more. In 2021, the Company’s milestones included a collaboration with Meta to launch Ray-Ban Stories smart glasses; the acquisition of GrandVision bringing 39,000 new employees into our family; expansion of our International Employee Shareholding community, and the launch of Eyes on the Planet, our strategic approach to sustainability.
EssilorLuxottica A.I CyberSecurity Scoring
EssilorLuxottica Risk Score (AI oriented)Between 800 and 849
EssilorLuxottica
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
EssilorLuxottica Global Score (TPRM)XXXX
EssilorLuxottica
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
EssilorLuxottica Company CyberSecurity News & History
Past Incidents
9
Attack Types
3
Luxottica of America Inc.
Cyber Attack
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: On August 9, 2020, Luxottica of America Inc. experienced a data breach due to an **automated cyberattack**, reported by the Washington State Office of the Attorney General on October 27, 2020. The incident compromised the **personal information of approximately 12,166 individuals**, including highly sensitive data such as **names, Social Security numbers, and health-related records**. The breach stemmed from an external cyber intrusion, exposing individuals to potential risks like **identity theft, financial fraud, and unauthorized access to medical details**. While the exact method of the attack (e.g., phishing, exploit of a vulnerability) was not specified, the scale and nature of the exposed data—particularly **SSNs and health information**—indicate a severe privacy violation with long-term repercussions for affected parties. The company was legally obligated to notify impacted individuals and regulatory bodies, though the broader operational or reputational consequences for Luxottica were not detailed in the report. The incident underscores the vulnerabilities in handling **sensitive customer data**, especially when automated cyberattacks exploit systemic weaknesses. No ransomware demands were mentioned, but the **leak of personal and health data** aligns with high-severity impacts under data protection frameworks.
Eye Buy Direct, Inc.
Cyber Attack
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The Washington State Attorney General's Office reported that Eye Buy Direct, Inc. experienced a data breach potentially affecting the personal information of 17,031 Washington residents. The incident might have started as early as September 1, 2018, and was addressed by September 28, 2019. The breach type was a cyberattack, but specific details regarding the method of breach remain unclear.
EyeMed
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: On December 11, 2020, the California Office of the Attorney General reported a data breach involving Aetna, which occurred on June 24, 2020. The unauthorized access involved an EyeMed email mailbox, and while specific numbers of affected individuals are not stated, personal information related to EyeMed's vision benefits may have been compromised.
EyeMed Vision Care
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: In 2020, EyeMed Vision Care suffered a **phishing email breach** where hackers accessed a shared inbox used by nine employees for enrollment processing. The compromised email, protected only by a weak password, contained **six years of sensitive customer data**, including personal and potentially financial information. The breach impacted **up to 2.1 million individuals** nationwide, though the class action settlement covered ~692,154 members. Regulatory fines and settlements have cost EyeMed **over $12.6 million**, including a $5M class action payout, $4.5M to New York’s DFS, $600K to the NY AG, and $2.5M to four other states. The company also faced mandatory security upgrades, including **MFA enhancements, password audits, HIPAA risk assessments, and reduced email retention periods**. The breach exposed customers to potential fraud, identity theft, and financial losses, with class members eligible for compensation up to $10,000 for documented damages. EyeMed denied wrongdoing but agreed to settlements to resolve negligence and compliance violation claims.
EyeMed Vision Care LLC
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: In June 2020, EyeMed Vision Care LLC experienced a **data breach** caused by an unauthorized third party, compromising sensitive personal and protected health information (PHI) of customers. The exposed data included names, contact details, dates of birth, health insurance account numbers, Medicaid/Medicare numbers, driver’s licenses, and other government-issued identification numbers. The breach led to a **$5 million class-action settlement**, with affected individuals eligible for compensation of up to **$10,000** for out-of-pocket losses, lost time (up to $100), and pro rata cash payments (estimated $50). The lawsuit alleged EyeMed failed to implement adequate cybersecurity measures, resulting in potential identity theft, fraud, and financial harm to victims. While EyeMed denied wrongdoing, the settlement was agreed upon to avoid prolonged litigation. The incident underscored significant risks to customer privacy and trust, with long-term reputational and financial repercussions for the company.
EyeMed Vision Care LLC
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The Maine Office of the Attorney General reported a data breach involving EyeMed Vision Care LLC on November 30, 2020. The breach occurred between June 24, 2020, and July 1, 2020, exposing personal information, including Social Security Numbers, of approximately 2,329,942 individuals, with 23,057 residents affected. Notification to consumers was provided on September 28, 2020.
FGX International Inc
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The Indiana Office of the Attorney General reported that FGX International Inc experienced a data breach on May 7, 2020, affecting a total of 142 individuals, including 2 residents in Indiana. The breach notification was reported on September 22, 2020.
Luxottica
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: A data breach at Luxottica resulted in the exposure of 70 million consumers' personal data. Andrea Draghetti, a cybersecurity specialist, observed that a threat actor exposed Luxottica data, raising the possibility of a fresh data breach. Over 300 million records were included in a 140GB database that the threat actor leaked. According to the researchers, the archive (luxottica_nice.csv) contained 305.759.991 records, 74.417.098 unique email addresses, and 2.590.076 unique domain emails. Customer names, emails, phone numbers, residences, and birthdates are among the information that has been exposed.
Luxottica
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: The world's biggest eyewear company Luxottica was targeted by Windows Nefilim ransomware. The data about its financial and human resources operations was stolen and leaked on the dark web.
EssilorLuxottica Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for EssilorLuxottica
Incidents vs Manufacturing Industry Average (This Year)
No incidents recorded for EssilorLuxottica in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for EssilorLuxottica in 2025.
Incident Types EssilorLuxottica vs Manufacturing Industry Avg (This Year)
No incidents recorded for EssilorLuxottica in 2025.
Incident History — EssilorLuxottica (X = Date, Y = Severity)
EssilorLuxottica cyber incidents detection timeline including parent company and subsidiaries
EssilorLuxottica Company Subsidiaries
We are EssilorLuxottica, a global leader in the design, manufacture and distribution of ophthalmic lenses, frames and sunglasses. Formed in 2018 by the combination of Essilor and Luxottica, our Company combines two centuries of innovation and human endeavour to elevate vision care and the consumer experience around it. We are home to the most loved and widely-recognized vision care and eyewear brands in the world. Our proprietary eyewear brands include Ray-Ban, Oakley, Costa, Vogue Eyewear, Persol and Oliver Peoples, complemented by over 20 prestigious licensed brands. Our advanced lens technologies include Varilux, Crizal, Eyezen, Stellest and Transitions. We offer superior shopping and patient experiences with a network of 18,000 stores including world-class retail brands like Sunglass Hut, LensCrafters, Salmoiraghi & Viganò and GrandVision. Every day, EssilorLuxottica’s more than 190,000 employees in 150 countries work towards a common mission to help people see more and be more. In 2021, the Company’s milestones included a collaboration with Meta to launch Ray-Ban Stories smart glasses; the acquisition of GrandVision bringing 39,000 new employees into our family; expansion of our International Employee Shareholding community, and the launch of Eyes on the Planet, our strategic approach to sustainability.
Loading...
EssilorLuxottica Similar Companies
RPG Group
RPG Group, established in 1979 and headquartered in Mumbai, is one of India's fastest growing diversified business group with a turnover in excess of US$5.2 billion. The Group has a presence in the core sectors of the economy - Infrastructure (KEC International), Mobility (CEAT), Information Technol
SNEF
Group Snef is a French leader in the field of electrical installation and, more broadly, the management of finishing turnkey projects and operations. Group Snef operates in the fields of high- and low-voltage installations, industrial processes, HVAC and maintenance. Its services cover technic
FEMSA
FEMSA is a company that creates economic and social value through companies and institutions and strives to be the best employer and neighbor to the communities in which it operates. It participates in the retail industry through a Proximity Division operating OXXO, a small-format store chain, OXXO
Celestica enables the world's best brands. Through our unrivaled customer-centric approach, we partner with leading companies in aerospace and defense, communications, enterprise, healthtech, industrial, capital equipment, and smart energy to deliver solutions for their most complex challenges. A le
Rodan + Fields
We are Rodan + Fields, founded by Stanford-trained dermatologists with a mission to revolutionize skincare for women everywhere. Our products are dermatologist-developed and inspired by Women-Backed Science™, delivering real, visible results. We understand what works for women’s skin, from acne to
Future Group India
About Working with Future Group gives you an opportunity to be part of a family with a unique culture and beliefs. Drawing from the vision of modern Indian retail, we have built a company that our people are proud of and our customers and communities value. Mission We share the vision and b
Dräger
Dräger is an international leader in the fields of medical and safety technology. The family-owned company was founded in Lübeck, Germany, in 1889. The company’s long-term success is based on the four key strengths of its value-driven culture: customer intimacy, professional employees, continuous in
Kellogg Company
At Kellanova, our vision is to be the world’s best performing snacks-led powerhouse, unleashing the full potential of our differentiated brands and our passionate people. Powered by our strategy to Differentiate, Drive & Deliver, we are a leading company in global snacking, international cereal and
Patanjali Foods
For almost four decades, Patanjali Foods has championed India’s wellness revolution. Founded in 1986, we began with a simple mission: making swadeshi products, affordable and quality-driven for every household. Today, we are a leading FMCG force, offering a wide range of household essentials. From n
.png)
EssilorLuxottica CyberSecurity News
November 19, 2025 03:43 PM
EssilorLuxottica introduces self-study area to Leonardo
The CPD-accredited area of the learning platform features content exploring the role of LOCs, myopia management, confidentiality,...
July 10, 2025 07:00 AM
Meta Puts $3.5 Billion Into Partner EssilorLuxottica, XPANCEO, Arago, Kartel Raise New Rounds
Trump hints his allies may buy TikTok. Meta invests $3.5B in Ray-Ban maker. XPANCEO, Arago, and Kartel raise funds. Smart glasses, AI chips,...
July 04, 2025 07:00 AM
Customer data leaked after Louis Vuitton Korea suffers cyberattack
News distribution : Louis Vuitton Korea confirmed a June 8 cyberattack that compromised customer contact data. It's the second breach to hit...
June 11, 2025 07:00 AM
Visit to VivaTechnology.
President Emmanuel Macron attended the opening of the 9th edition of the VivaTechnology, a premier tech and innovation summit in Paris, France.
January 24, 2024 08:00 AM
EssilorLuxottica IT EyeCare Obtains Prestigious ISO27001 and ISO27701 Certifications for High Standards in Telemedicine Data Processing
EssilorLuxottica IT EyeCare demonstrates compliance with requirements for ISO27001 standards and controls of the ISO27701 guideline global...
July 26, 2023 07:00 AM
EssilorLuxottica acquires Nuance Hearing for tens of millions of dollars to integrate
EssilorLuxottica, the world's largest eyewear group, has acquired Israeli startup Nuance Hearing. The deal, which was completed in late 2022.
May 26, 2023 09:16 AM
Careers
We are EssilorLuxottica, a global leader in world-class vision care products, including iconic eyewear, advanced lens technology and cutting-edge digital...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
EssilorLuxottica CyberSecurity History Information
Official Website of EssilorLuxottica
The official website of EssilorLuxottica is https://www.essilorluxottica.com.
EssilorLuxottica’s AI-Generated Cybersecurity Score
According to Rankiteo, EssilorLuxottica’s AI-generated cybersecurity score is 836, reflecting their Good security posture.
How many security badges does EssilorLuxottica’ have ?
According to Rankiteo, EssilorLuxottica currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does EssilorLuxottica have SOC 2 Type 1 certification ?
According to Rankiteo, EssilorLuxottica is not certified under SOC 2 Type 1.
Does EssilorLuxottica have SOC 2 Type 2 certification ?
According to Rankiteo, EssilorLuxottica does not hold a SOC 2 Type 2 certification.
Does EssilorLuxottica comply with GDPR ?
According to Rankiteo, EssilorLuxottica is not listed as GDPR compliant.
Does EssilorLuxottica have PCI DSS certification ?
According to Rankiteo, EssilorLuxottica does not currently maintain PCI DSS compliance.
Does EssilorLuxottica comply with HIPAA ?
According to Rankiteo, EssilorLuxottica is not compliant with HIPAA regulations.
Does EssilorLuxottica have ISO 27001 certification ?
According to Rankiteo,EssilorLuxottica is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of EssilorLuxottica
EssilorLuxottica operates primarily in the Manufacturing industry.
Number of Employees at EssilorLuxottica
EssilorLuxottica employs approximately 79,782 people worldwide.
Subsidiaries Owned by EssilorLuxottica
EssilorLuxottica presently has no subsidiaries across any sectors.
EssilorLuxottica’s LinkedIn Followers
EssilorLuxottica’s official LinkedIn profile has approximately 1,328,942 followers.
NAICS Classification of EssilorLuxottica
EssilorLuxottica is classified under the NAICS code 30, which corresponds to Manufacturing.
EssilorLuxottica’s Presence on Crunchbase
Yes, EssilorLuxottica has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/essilorluxottica.
EssilorLuxottica’s Presence on LinkedIn
Yes, EssilorLuxottica maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/essilorluxottica.
Cybersecurity Incidents Involving EssilorLuxottica
As of November 27, 2025, Rankiteo reports that EssilorLuxottica has experienced 9 cybersecurity incidents.
Number of Peer and Competitor Companies
EssilorLuxottica has an estimated 7,594 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at EssilorLuxottica ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach, Cyber Attack and Ransomware.
What was the total financial impact of these incidents on EssilorLuxottica ?
Total Financial Loss: The total financial loss from these incidents is estimated to be $17.60 million.
How does EssilorLuxottica detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with public disclosure via washington state attorney general, and communication strategy with class action settlement notices sent to affected individuals, and incident response plan activated with yes (post-breach), and third party assistance with yes (third-party hipaa security risk assessment), and containment measures with shortened email retention period, containment measures with enhanced mfa, containment measures with password policy updates, and remediation measures with security awareness training, remediation measures with audit mechanisms for weak passwords, remediation measures with third-party risk assessment, and communication strategy with class-action settlement notifications, communication strategy with regulatory disclosures (hhs, state ags)..
Incident Details
Can you provide details on each incident ?
Title: Luxottica Ransomware Attack
Description: The world's biggest eyewear company Luxottica was targeted by Windows Nefilim ransomware. The data about its financial and human resources operations was stolen and leaked on the dark web.
Type: Ransomware
Attack Vector: Unknown
Motivation: Financial
Title: Luxottica Data Breach
Description: A data breach at Luxottica resulted in the exposure of 70 million consumers' personal data.
Type: Data Breach
Title: FGX International Inc Data Breach
Description: The Indiana Office of the Attorney General reported that FGX International Inc experienced a data breach on May 7, 2020, affecting a total of 142 individuals, including 2 residents in Indiana. The breach notification was reported on September 22, 2020.
Date Detected: 2020-05-07
Date Publicly Disclosed: 2020-09-22
Type: Data Breach
Title: Aetna Data Breach
Description: Unauthorized access to an EyeMed email mailbox potentially compromising personal information related to vision benefits.
Date Detected: 2020-12-11
Date Publicly Disclosed: 2020-12-11
Type: Data Breach
Attack Vector: Email Mailbox
Title: EyeMed Vision Care LLC Data Breach
Description: The Maine Office of the Attorney General reported a data breach involving EyeMed Vision Care LLC on November 30, 2020. The breach occurred between June 24, 2020, and July 1, 2020, exposing personal information, including Social Security Numbers, of approximately 2,329,942 individuals, with 23,057 residents affected. Notification to consumers was provided on September 28, 2020.
Date Detected: 2020-11-30
Date Publicly Disclosed: 2020-09-28
Type: Data Breach
Title: Eye Buy Direct Data Breach
Description: Eye Buy Direct, Inc. experienced a data breach potentially affecting the personal information of 17,031 Washington residents due to a security incident that might have started as early as September 1, 2018, and was addressed by September 28, 2019.
Date Resolved: September 28, 2019
Type: Data Breach
Title: Luxottica of America Inc. Data Breach (2020)
Description: The Washington State Office of the Attorney General reported a data breach involving Luxottica of America Inc. on October 27, 2020. The breach occurred on August 9, 2020, due to an automated cyberattack affecting approximately 12,166 individuals, and potentially compromising personal information including names, Social Security numbers, and health-related data.
Date Detected: 2020-08-09
Date Publicly Disclosed: 2020-10-27
Type: Data Breach
Title: EyeMed Vision Care Data Breach (June 2020)
Description: EyeMed Vision Care LLC experienced a data breach in June 2020, exposing sensitive personal and protected health information of customers. The breach resulted from unauthorized third-party access, allegedly due to inadequate data security measures. EyeMed agreed to a $5 million class action settlement to resolve claims related to the incident.
Date Detected: 2020-06
Type: Data Breach
Threat Actor: Unauthorized third party
Title: EyeMed Email Breach Settlement
Description: Vision care benefits firm EyeMed agreed to pay $5 million to settle class action litigation involving a 2020 phishing email data breach. The incident, which exposed sensitive customer data from a shared email inbox, has already cost the company over $12.6 million in regulatory fines and settlements across multiple states. The breach affected up to 2.1 million consumers nationwide, with 692,154 class members identified in the settlement. Security improvements mandated include enhanced MFA, password policies, HIPAA risk assessments, and third-party audits.
Date Detected: 2020-09
Date Publicly Disclosed: 2020-09
Type: Data Breach
Attack Vector: Phishing (compromised shared email inbox with weak password)
Vulnerability Exploited: Weak PasswordLack of MFAProlonged Email Retention (6+ years)Shared Inbox Access
Motivation: Financial Gain (data exfiltration for fraud/identity theft)
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Phishing email (compromised shared inbox).
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware LUX202211222
Data Compromised: Financial data, Human resources data
Incident : Data Breach LUX52424923
Data Compromised: Customer names, Emails, Phone numbers, Residences, Birthdates
Incident : Data Breach EYE413072525
Data Compromised: Personal information
Systems Affected: Email Mailbox
Incident : Data Breach EYE248072725
Data Compromised: Social security numbers
Incident : Data Breach EYE249072825
Data Compromised: Personal Information
Incident : Data Breach ESS023091825
Data Compromised: Names, Social security numbers, Health-related data
Identity Theft Risk: High (PII exposed)
Incident : Data Breach EYE5994859100225
Financial Loss: $5,000,000 (settlement fund)
Data Compromised: Names, Contact details, Dates of birth, Health insurance account numbers, Health insurance identification numbers, Medicaid/medicare numbers, Driver’s licenses, Government identification numbers
Customer Complaints: Class action lawsuit filed
Brand Reputation Impact: Negative (settlement and public disclosure)
Legal Liabilities: $5,000,000 settlement, attorneys' fees ($1,666,666.66), attorneys' expenses ($50,000), service awards ($7,500)
Identity Theft Risk: High (PII and PHI exposed)
Incident : Data Breach EYE4802448100725
Financial Loss: $12.6M+ (regulatory fines, settlements, and litigation costs)
Data Compromised: Personal data, Sensitive customer information
Systems Affected: Shared Employee Email Inbox (enrollment processing)
Brand Reputation Impact: High (multiple regulatory actions and class-action lawsuit)
Legal Liabilities: $12.6M+ (fines: $4.5M NY DFS, $600K NY AG, $2.5M 4-state AG, $5M class-action)
Identity Theft Risk: High (personal data exposed)
What is the average financial loss per incident ?
Average Financial Loss: The average financial loss per incident is $1.96 million.
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Financial Data, Human Resources Data, , Customer Names, Emails, Phone Numbers, Residences, Birthdates, , Personal Information, , Social Security Numbers, , Personal Information, Personal Identifiable Information (Pii), Protected Health Information (Phi), , Personally Identifiable Information (Pii), Protected Health Information (Phi), , Personal Data, Enrollment Information, Sensitive Customer Records and .
Which entities were affected by each incident ?
Incident : Data Breach LUX52424923
Entity Name: Luxottica
Entity Type: Company
Industry: Retail
Customers Affected: 70000000
Incident : Data Breach FGX254071625
Entity Name: FGX International Inc
Entity Type: Company
Customers Affected: 142
Incident : Data Breach EYE413072525
Entity Name: Aetna
Entity Type: Health Insurance Company
Industry: Healthcare
Incident : Data Breach EYE248072725
Entity Name: EyeMed Vision Care LLC
Entity Type: Company
Industry: Healthcare
Customers Affected: 2329942
Incident : Data Breach EYE249072825
Entity Name: Eye Buy Direct, Inc.
Entity Type: Company
Industry: Retail
Customers Affected: 17,031 Washington residents
Incident : Data Breach ESS023091825
Entity Name: Luxottica of America Inc.
Entity Type: Corporation
Industry: Retail (Eyewear)
Location: United States
Customers Affected: 12166
Incident : Data Breach EYE5994859100225
Entity Name: EyeMed Vision Care LLC
Entity Type: Healthcare (Vision Care)
Industry: Healthcare
Location: United States
Customers Affected: Class members (U.S. residents notified of the breach)
Incident : Data Breach EYE4802448100725
Entity Name: EyeMed Vision Care
Entity Type: Healthcare (Vision Care Benefits Provider)
Industry: Healthcare
Location: Ohio, USA
Customers Affected: 2.1 million (nationwide); 692,154 (class members); 1.47 million (HHS report); 98,632 (New York residents)
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach ESS023091825
Communication Strategy: Public disclosure via Washington State Attorney General
Incident : Data Breach EYE5994859100225
Communication Strategy: Class action settlement notices sent to affected individuals
Incident : Data Breach EYE4802448100725
Incident Response Plan Activated: Yes (post-breach)
Third Party Assistance: Yes (third-party HIPAA security risk assessment)
Containment Measures: Shortened email retention periodEnhanced MFAPassword policy updates
Remediation Measures: Security awareness trainingAudit mechanisms for weak passwordsThird-party risk assessment
Communication Strategy: Class-action settlement notificationsRegulatory disclosures (HHS, state AGs)
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as Yes (post-breach).
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Yes (third-party HIPAA security risk assessment).
Data Breach Information
What type of data was compromised in each breach ?
Incident : Ransomware LUX202211222
Type of Data Compromised: Financial data, Human resources data
Incident : Data Breach LUX52424923
Type of Data Compromised: Customer names, Emails, Phone numbers, Residences, Birthdates
Number of Records Exposed: 305759991
File Types Exposed: CSV
Incident : Data Breach FGX254071625
Number of Records Exposed: 142
Incident : Data Breach EYE413072525
Type of Data Compromised: Personal information
Incident : Data Breach EYE248072725
Type of Data Compromised: Social security numbers
Number of Records Exposed: 2329942
Sensitivity of Data: High
Incident : Data Breach EYE249072825
Type of Data Compromised: Personal Information
Number of Records Exposed: 17,031
Incident : Data Breach ESS023091825
Type of Data Compromised: Personal identifiable information (pii), Protected health information (phi)
Number of Records Exposed: 12166
Sensitivity of Data: High
Personally Identifiable Information: namesSocial Security numbers
Incident : Data Breach EYE5994859100225
Type of Data Compromised: Personally identifiable information (pii), Protected health information (phi)
Sensitivity of Data: High (PII and PHI)
Data Exfiltration: Yes (unauthorized access by third party)
Personally Identifiable Information: NamesContact detailsDates of birthHealth insurance account numbersHealth insurance identification numbersMedicaid/Medicare numbersDriver’s licensesGovernment identification numbers
Incident : Data Breach EYE4802448100725
Type of Data Compromised: Personal data, Enrollment information, Sensitive customer records
Number of Records Exposed: 2.1 million (max estimate)
Sensitivity of Data: High (6+ years of customer data)
Data Exfiltration: Yes
Data Encryption: No (data stored in unencrypted email inbox)
File Types Exposed: EmailsAttachments (enrollment documents)
Personally Identifiable Information: Yes
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Security awareness training, Audit mechanisms for weak passwords, Third-party risk assessment, .
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by shortened email retention period, enhanced mfa, password policy updates and .
Ransomware Information
Was ransomware involved in any of the incidents ?
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Breach ESS023091825
Regulatory Notifications: Washington State Office of the Attorney General
Incident : Data Breach EYE5994859100225
Legal Actions: Class action lawsuit settled for $5,000,000
Incident : Data Breach EYE4802448100725
Regulations Violated: HIPAA, California State Laws (e.g., CCPA), New York Financial Services Law (23 NYCRR 500),
Fines Imposed: $12.6M+ ($4.5M NY DFS, $600K NY AG, $2.5M 4-state AG, $5M class-action)
Legal Actions: Class-action lawsuit (settled 2026-01-07), NY DFS Consent Order (2022-10), NY AG Settlement (2022-01), 4-State AG Settlement (2023-05),
Regulatory Notifications: HHS (2020-09)State AGs (NY, NJ, FL, PA, OR)
How does the company ensure compliance with regulatory requirements ?
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Class action lawsuit settled for $5,000,000, Class-action lawsuit (settled 2026-01-07), NY DFS Consent Order (2022-10), NY AG Settlement (2022-01), 4-State AG Settlement (2023-05), .
Lessons Learned and Recommendations
What lessons were learned from each incident ?
Incident : Data Breach EYE4802448100725
Lessons Learned: Shared inboxes with weak passwords are high-risk targets for phishing., Prolonged data retention increases exposure in breaches., MFA and password policies must be enforced rigorously in healthcare., Regulatory non-compliance (e.g., HIPAA) amplifies financial and reputational damage.
What recommendations were made to prevent future incidents ?
Incident : Data Breach EYE4802448100725
Recommendations: Implement strict MFA for all email accounts, especially shared inboxes., Enforce password complexity and rotation policies with audits., Limit data retention periods to minimize breach impact., Conduct regular HIPAA security risk assessments with third-party auditors., Segment networks to isolate sensitive data (e.g., enrollment systems)., Train employees on phishing awareness and incident reporting.Implement strict MFA for all email accounts, especially shared inboxes., Enforce password complexity and rotation policies with audits., Limit data retention periods to minimize breach impact., Conduct regular HIPAA security risk assessments with third-party auditors., Segment networks to isolate sensitive data (e.g., enrollment systems)., Train employees on phishing awareness and incident reporting.Implement strict MFA for all email accounts, especially shared inboxes., Enforce password complexity and rotation policies with audits., Limit data retention periods to minimize breach impact., Conduct regular HIPAA security risk assessments with third-party auditors., Segment networks to isolate sensitive data (e.g., enrollment systems)., Train employees on phishing awareness and incident reporting.Implement strict MFA for all email accounts, especially shared inboxes., Enforce password complexity and rotation policies with audits., Limit data retention periods to minimize breach impact., Conduct regular HIPAA security risk assessments with third-party auditors., Segment networks to isolate sensitive data (e.g., enrollment systems)., Train employees on phishing awareness and incident reporting.Implement strict MFA for all email accounts, especially shared inboxes., Enforce password complexity and rotation policies with audits., Limit data retention periods to minimize breach impact., Conduct regular HIPAA security risk assessments with third-party auditors., Segment networks to isolate sensitive data (e.g., enrollment systems)., Train employees on phishing awareness and incident reporting.Implement strict MFA for all email accounts, especially shared inboxes., Enforce password complexity and rotation policies with audits., Limit data retention periods to minimize breach impact., Conduct regular HIPAA security risk assessments with third-party auditors., Segment networks to isolate sensitive data (e.g., enrollment systems)., Train employees on phishing awareness and incident reporting.
What are the key lessons learned from past incidents ?
Key Lessons Learned: The key lessons learned from past incidents are Shared inboxes with weak passwords are high-risk targets for phishing.,Prolonged data retention increases exposure in breaches.,MFA and password policies must be enforced rigorously in healthcare.,Regulatory non-compliance (e.g., HIPAA) amplifies financial and reputational damage.
References
Where can I find more information about each incident ?
Incident : Data Breach FGX254071625
Source: Indiana Office of the Attorney General
Incident : Data Breach EYE413072525
Source: California Office of the Attorney General
Date Accessed: 2020-12-11
Incident : Data Breach EYE248072725
Source: Maine Office of the Attorney General
Date Accessed: 2020-11-30
Incident : Data Breach EYE249072825
Source: Washington State Attorney General's Office
Incident : Data Breach ESS023091825
Source: Washington State Office of the Attorney General
Date Accessed: 2020-10-27
Incident : Data Breach EYE5994859100225
Source: Class Action Settlement Notice (Tate v. EyeMed Vision Care LLC)
Incident : Data Breach EYE4802448100725
Source: Information Security Media Group (ISMG)
Incident : Data Breach EYE4802448100725
Source: NY DFS Consent Order (2022-10)
Incident : Data Breach EYE4802448100725
Source: NY AG Settlement (2022-01)
Incident : Data Breach EYE4802448100725
Source: 4-State AG Settlement (NJ, FL, PA, OR; 2023-05)
Incident : Data Breach EYE4802448100725
Source: HHS Breach Report (2020-09)
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Indiana Office of the Attorney General, and Source: California Office of the Attorney GeneralDate Accessed: 2020-12-11, and Source: Maine Office of the Attorney GeneralDate Accessed: 2020-11-30, and Source: Washington State Attorney General's Office, and Source: Washington State Office of the Attorney GeneralDate Accessed: 2020-10-27, and Source: Class Action Settlement Notice (Tate v. EyeMed Vision Care LLC), and Source: Information Security Media Group (ISMG), and Source: NY DFS Consent Order (2022-10), and Source: NY AG Settlement (2022-01), and Source: 4-State AG Settlement (NJ, FL, PA, OR; 2023-05), and Source: HHS Breach Report (2020-09).
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach EYE5994859100225
Investigation Status: Settled (class action lawsuit)
Incident : Data Breach EYE4802448100725
Investigation Status: Closed (settlements finalized; final court hearing on 2026-01-07)
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Public disclosure via Washington State Attorney General, Class action settlement notices sent to affected individuals, Class-Action Settlement Notifications, Regulatory Disclosures (Hhs and State Ags).
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach EYE5994859100225
Stakeholder Advisories: Settlement notices sent to affected class members
Customer Advisories: Class members instructed to file claims by Dec. 11, 2025, via online form or mail (Kroll Settlement Administration)
Incident : Data Breach EYE4802448100725
Stakeholder Advisories: Class-Action Settlement Notices, Regulatory Filings (Hhs, State Ags).
Customer Advisories: Breach notifications (2020)Settlement claims process (up to $10,100 per affected individual)
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Settlement notices sent to affected class members, Class members instructed to file claims by Dec. 11, 2025, via online form or mail (Kroll Settlement Administration), Class-Action Settlement Notices, Regulatory Filings (Hhs, State Ags), Breach Notifications (2020), Settlement Claims Process (Up To $10,100 Per Affected Individual) and .
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach EYE4802448100725
Entry Point: Phishing email (compromised shared inbox)
High Value Targets: Customer Enrollment Data, Pii,
Data Sold on Dark Web: Customer Enrollment Data, Pii,
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach ESS023091825
Root Causes: Automated cyberattack (unspecified)
Incident : Data Breach EYE5994859100225
Root Causes: Alleged failure to implement adequate data security measures
Corrective Actions: Settlement agreement (no specific technical remediation details disclosed)
Incident : Data Breach EYE4802448100725
Root Causes: Weak Password On Shared Email Inbox, Lack Of Mfa, Excessive Data Retention (6+ Years), Inadequate Hipaa Compliance (Risk Assessments),
Corrective Actions: Enhanced Mfa And Password Policies, Third-Party Hipaa Security Risk Assessment, Reduced Email Retention Periods, Mandatory Security Awareness Training, Audit Mechanisms For Weak Passwords,
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Settlement agreement (no specific technical remediation details disclosed), Enhanced Mfa And Password Policies, Third-Party Hipaa Security Risk Assessment, Reduced Email Retention Periods, Mandatory Security Awareness Training, Audit Mechanisms For Weak Passwords, .
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Unauthorized third party.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2020-05-07.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2020-09.
What was the most recent incident resolved ?
Most Recent Incident Resolved: The most recent incident resolved was on September 28, 2019.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Financial data, Human resources data, , Customer names, Emails, Phone numbers, Residences, Birthdates, , Personal Information, , Social Security Numbers, , Personal Information, names, Social Security numbers, health-related data, , Names, Contact details, Dates of birth, Health insurance account numbers, Health insurance identification numbers, Medicaid/Medicare numbers, Driver’s licenses, Government identification numbers, , Personal Data, Sensitive Customer Information and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Email Mailbox and Shared Employee Email Inbox (enrollment processing).
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Shortened email retention periodEnhanced MFAPassword policy updates.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Phone numbers, health-related data, Customer names, Residences, Health insurance account numbers, Birthdates, Social Security numbers, Driver’s licenses, Human resources data, Social Security Numbers, Personal Information, Financial data, Personal Data, Contact details, Dates of birth, Health insurance identification numbers, Emails, Government identification numbers, Names, Medicaid/Medicare numbers, Sensitive Customer Information and names.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 2.1M.
Regulatory Compliance
What was the highest fine imposed for a regulatory violation ?
Highest Fine Imposed: The highest fine imposed for a regulatory violation was $12.6M+ ($4.5M NY DFS, $600K NY AG, $2.5M 4-state AG, $5M class-action).
What was the most significant legal action taken for a regulatory violation ?
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Class action lawsuit settled for $5,000,000, Class-action lawsuit (settled 2026-01-07), NY DFS Consent Order (2022-10), NY AG Settlement (2022-01), 4-State AG Settlement (2023-05), .
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents ?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Regulatory non-compliance (e.g., HIPAA) amplifies financial and reputational damage.
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Train employees on phishing awareness and incident reporting., Conduct regular HIPAA security risk assessments with third-party auditors., Implement strict MFA for all email accounts, especially shared inboxes., Enforce password complexity and rotation policies with audits., Limit data retention periods to minimize breach impact., Segment networks to isolate sensitive data (e.g. and enrollment systems)..
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Class Action Settlement Notice (Tate v. EyeMed Vision Care LLC), Maine Office of the Attorney General, Information Security Media Group (ISMG), HHS Breach Report (2020-09), NY DFS Consent Order (2022-10), California Office of the Attorney General, Washington State Attorney General's Office, 4-State AG Settlement (NJ, FL, PA, OR; 2023-05), Indiana Office of the Attorney General, Washington State Office of the Attorney General and NY AG Settlement (2022-01).
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Settled (class action lawsuit).
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was Settlement notices sent to affected class members, Class-action settlement notices, Regulatory filings (HHS, state AGs), .
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued were an Class members instructed to file claims by Dec. 11, 2025, via online form or mail (Kroll Settlement Administration), Breach notifications (2020)Settlement claims process (up to $10 and100 per affected individual).
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Phishing email (compromised shared inbox).
Post-Incident Analysis
What was the most significant root cause identified in post-incident analysis ?
Most Significant Root Cause: The most significant root cause identified in post-incident analysis was Automated cyberattack (unspecified), Alleged failure to implement adequate data security measures, Weak password on shared email inboxLack of MFAExcessive data retention (6+ years)Inadequate HIPAA compliance (risk assessments).
What was the most significant corrective action taken based on post-incident analysis ?
Most Significant Corrective Action: The most significant corrective action taken based on post-incident analysis was Settlement agreement (no specific technical remediation details disclosed), Enhanced MFA and password policiesThird-party HIPAA security risk assessmentReduced email retention periodsMandatory security awareness trainingAudit mechanisms for weak passwords.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=essilorluxottica' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
