Eyebuydirect
Company Details
Linkedin ID:
eyebuydirect-inc.
Website:
Employees number:
92
Number of followers:
9,944
NAICS:
448
Industry Type:
Homepage:
eyebuydirect.com
IP Addresses:
0
Company ID:
EYE_1065099
Scan Status:
In-progress
Eyebuydirect Company CyberSecurity Posture
eyebuydirect.com
There are 2.2 billion people worldwide, suffering from uncorrected vision. Our founder, Roy Hessel, saw no reason that a pair of glasses should cost them hundreds of dollars—especially considering how inexpensive they are to make. In 2005, Eyebuydirect was created with one goal in mind: affordable eyewear for everyone. Our vertically integrated business model allows us to oversee the whole manufacturing process. From concept, to design, to our lens lab, every step is tailored to our core values and enables us to pass the savings on to our customers. With frames starting from as little as $6, we make it possible for everyone to have access to affordable eyewear. Our in-house brand, RFLKT, boasts our most fashionable frames and our new collections keep you up to date with the latest trends in eyewear.
Eyebuydirect A.I CyberSecurity Scoring
Eyebuydirect Risk Score (AI oriented)Between 750 and 799
Eyebuydirect
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Eyebuydirect Global Score (TPRM)XXXX
Eyebuydirect
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Eyebuydirect Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Eye Buy Direct, Inc.
Cyber Attack
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The Washington State Attorney General's Office reported that Eye Buy Direct, Inc. experienced a data breach potentially affecting the personal information of 17,031 Washington residents. The incident might have started as early as September 1, 2018, and was addressed by September 28, 2019. The breach type was a cyberattack, but specific details regarding the method of breach remain unclear.
Eyebuydirect Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Eyebuydirect
Incidents vs Retail Apparel and Fashion Industry Average (This Year)
No incidents recorded for Eyebuydirect in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Eyebuydirect in 2026.
Incident Types Eyebuydirect vs Retail Apparel and Fashion Industry Avg (This Year)
No incidents recorded for Eyebuydirect in 2026.
Incident History — Eyebuydirect (X = Date, Y = Severity)
Eyebuydirect cyber incidents detection timeline including parent company and subsidiaries
Eyebuydirect Company Subsidiaries
There are 2.2 billion people worldwide, suffering from uncorrected vision. Our founder, Roy Hessel, saw no reason that a pair of glasses should cost them hundreds of dollars—especially considering how inexpensive they are to make. In 2005, Eyebuydirect was created with one goal in mind: affordable eyewear for everyone. Our vertically integrated business model allows us to oversee the whole manufacturing process. From concept, to design, to our lens lab, every step is tailored to our core values and enables us to pass the savings on to our customers. With frames starting from as little as $6, we make it possible for everyone to have access to affordable eyewear. Our in-house brand, RFLKT, boasts our most fashionable frames and our new collections keep you up to date with the latest trends in eyewear.
Loading...
Eyebuydirect Similar Companies
VF Corporation
VF Corporation is one of the world’s largest apparel, footwear and accessories companies connecting people to the lifestyles, activities and experiences they cherish most through a family of iconic outdoor, active and workwear brands including Vans®, The North Face®, Timberland® and Dickies®. Our pu
Coach
Coach was founded in 1941 as a family-run workshop. In a Manhattan loft, six artisans handcrafted a collection of leather goods using skills handed down from generation to generation. Discerning consumers soon began to seek out the quality and unique nature of Coach craftsmanship. Now greatly exp
Aditya Birla Fashion and Retail Ltd.
Aditya Birla Fashion and Retail Limited (ABFRL), part of the Aditya Birla Group, is India’s leading fashion powerhouse, offering a distinguished portfolio of renowned brands and retail formats, catering to multiple high-growth segments. As of March 31, 2025, the Company has presence across 1,167 st
MANGO
Mango, one of the leading international fashion groups, is a global company with design and creativity at the heart of its business model and a strategy based on constant innovation, the pursuit of sustainability and a complete ecosystem of channels and partners. With its roots in Barcelona, one of
J.Crew
Since 1983, we’ve been designing pieces that feel both familiar and refreshingly new, crafted with unbeatable quality and distinctive point of view...it’s no wonder we’ve been in your closet for four decades and counting. Today, we continue to do the classics our way, inspiring not only how you sho
Forever 21 continues to be a fashion industry leader with a mission to make the latest trends accessible to all. F21 persists on staying ahead of innovation and providing styles and fit that our customers love. While reinventing for now and beyond, we’re seeking passionate and creative new family me
Tommy Hilfiger
TOMMY HILFIGER is one of the world’s leading designer lifestyle brands creating a platform that inspires the modern American spirit, while committing to wasting nothing and welcoming all. Founded in 1985, Tommy Hilfiger delivers premium styling, quality and value to consumers worldwide under the T
URBN (Urban Outfitters, Anthropologie Group, Free People & Nuuly)
URBN Urban Outfitters, Inc. (www.urbn.com) is a portfolio of global consumer brands comprised of Anthropologie, Anthropologie Weddings, Free People, FP Movement, Terrain, Urban Outfitters, Nuuly, Reclectic, and Menus & Venues. At URBN, we Lead with Creativity…. Creativity guides our approach to prod
Ralph Lauren
Ralph Lauren Corporation (NYSE:RL) is a global leader in the design, marketing and distribution of luxury lifestyle products in five categories: apparel, footwear & accessories, home, fragrances and hospitality. For more than 50 years, Ralph Lauren has sought to inspire the dream of a better life th
.png)
Eyebuydirect CyberSecurity News
May 26, 2023 09:16 AM
Careers
We are EssilorLuxottica, a global leader in world-class vision care products, including iconic eyewear, advanced lens technology and cutting-edge digital...
September 29, 2022 07:00 AM
Eyewear Virtual Try-On Tool Not Regulated by Illinois’ Biometric Information Privacy Act
On September 8, 2022, an Illinois federal judge dismissed with prejudice a Biometric Information Privacy Act (Privacy Act or BIPA) class...
September 09, 2021 07:00 AM
Zenni Eyes Arb. In 'Virtual Try-On' Biometric Privacy Suit
Zenni Optical told an Illinois federal court Wednesday that a putative class claim alleging the online eyeglass retailer's "virtual try-on"...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Eyebuydirect CyberSecurity History Information
Official Website of Eyebuydirect
The official website of Eyebuydirect is https://www.eyebuydirect.com.
Eyebuydirect’s AI-Generated Cybersecurity Score
According to Rankiteo, Eyebuydirect’s AI-generated cybersecurity score is 760, reflecting their Fair security posture.
How many security badges does Eyebuydirect’ have ?
According to Rankiteo, Eyebuydirect currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Eyebuydirect been affected by any supply chain cyber incidents ?
According to Rankiteo, Eyebuydirect has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Eyebuydirect have SOC 2 Type 1 certification ?
According to Rankiteo, Eyebuydirect is not certified under SOC 2 Type 1.
Does Eyebuydirect have SOC 2 Type 2 certification ?
According to Rankiteo, Eyebuydirect does not hold a SOC 2 Type 2 certification.
Does Eyebuydirect comply with GDPR ?
According to Rankiteo, Eyebuydirect is not listed as GDPR compliant.
Does Eyebuydirect have PCI DSS certification ?
According to Rankiteo, Eyebuydirect does not currently maintain PCI DSS compliance.
Does Eyebuydirect comply with HIPAA ?
According to Rankiteo, Eyebuydirect is not compliant with HIPAA regulations.
Does Eyebuydirect have ISO 27001 certification ?
According to Rankiteo,Eyebuydirect is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Eyebuydirect
Eyebuydirect operates primarily in the Retail Apparel and Fashion industry.
Number of Employees at Eyebuydirect
Eyebuydirect employs approximately 92 people worldwide.
Subsidiaries Owned by Eyebuydirect
Eyebuydirect presently has no subsidiaries across any sectors.
Eyebuydirect’s LinkedIn Followers
Eyebuydirect’s official LinkedIn profile has approximately 9,944 followers.
NAICS Classification of Eyebuydirect
Eyebuydirect is classified under the NAICS code 448, which corresponds to Clothing and Clothing Accessories Stores.
Eyebuydirect’s Presence on Crunchbase
No, Eyebuydirect does not have a profile on Crunchbase.
Eyebuydirect’s Presence on LinkedIn
Yes, Eyebuydirect maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/eyebuydirect-inc..
Cybersecurity Incidents Involving Eyebuydirect
As of January 24, 2026, Rankiteo reports that Eyebuydirect has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Eyebuydirect has an estimated 4,963 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Eyebuydirect ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
Incident Details
Can you provide details on each incident ?
Title: Eye Buy Direct Data Breach
Description: Eye Buy Direct, Inc. experienced a data breach potentially affecting the personal information of 17,031 Washington residents due to a security incident that might have started as early as September 1, 2018, and was addressed by September 28, 2019.
Date Resolved: September 28, 2019
Type: Data Breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach EYE249072825
Data Compromised: Personal Information
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information.
Which entities were affected by each incident ?
Incident : Data Breach EYE249072825
Entity Name: Eye Buy Direct, Inc.
Entity Type: Company
Industry: Retail
Customers Affected: 17,031 Washington residents
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach EYE249072825
Type of Data Compromised: Personal Information
Number of Records Exposed: 17,031
References
Where can I find more information about each incident ?
Incident : Data Breach EYE249072825
Source: Washington State Attorney General's Office
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Washington State Attorney General's Office.
Additional Questions
Incident Details
What was the most recent incident resolved ?
Most Recent Incident Resolved: The most recent incident resolved was on September 28, 2019.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident was Personal Information.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Personal Information.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 17.0K.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Washington State Attorney General's Office.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template `login.twig` of versions 2.19.1 and below. The `username` value can be echoed back without proper contextual encoding when authentication fails. An attacker can execute script in the login page context. This issue has been fixed in version 2.19.2.
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Description
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the unsafe innerHTML property to render domain search results.
Description
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension during the save process. This allows an unauthenticated attacker to upload arbitrary PHP code by spoofing the MIME type as an image, leading to full system compromise.
Description
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.
Risk Information
cvss3
Base: 6.0
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
cvss4
Base: 6.0
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description
An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 is a broken cryptographic function, the hashes can be easily reversed using public tools, exposing user credentials in plaintext. This allows remote attackers to perform unauthorized logins and potentially gain access to sensitive POS operations or backend functions.
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=eyebuydirect-inc.' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
