Luxottica
Company Details
Linkedin ID:
luxottica
Website:
Employees number:
19,446
Number of followers:
847,276
NAICS:
None
Industry Type:
Homepage:
luxottica.com
IP Addresses:
0
Company ID:
LUX_2614246
Scan Status:
In-progress
Luxottica Company CyberSecurity Posture
luxottica.com
#ToSeeTheBeautyOfLife™ is the vision that inspires Luxottica’s sustainable business approach and is an integral part of the Group’s strategy. It stems from a notion of universal beauty that comes to life at the intersection of personal well-being, respect for the environment, ethics and the transparency of relations. Learn more on www.luxottica.com/en/toseethebeautyoflife. Luxottica is a leader in the design, manufacture and distribution of fashion, luxury, sports and performance eyewear. Its portfolio includes proprietary brands such as Ray-Ban, Oakley, Vogue Eyewear, Persol, Oliver Peoples, Alain Mikli and Arnette, as well as over 20 licensed brands, including some of the most well-known and prestigious names in the global fashion and luxury industries. The Group’s global wholesale distribution network covers more than 150 countries and is complemented by an extensive retail network of approximately 9,200 stores, with LensCrafters and Pearle Vision in North America, OPSM and LensCrafters in Asia-Pacific, GMO and Óticas Carol in Latin America, Salmoiraghi & Viganò in Italy and Sunglass Hut worldwide. In 2019, with approximately 80,000 employees, Luxottica posted net sales of over Euro 9 billion. Additional information on the Group is available at www.luxottica.com.
Luxottica A.I CyberSecurity Scoring
Luxottica Risk Score (AI oriented)Between 700 and 749
Luxottica
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Luxottica Global Score (TPRM)XXXX
Luxottica
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Luxottica Company CyberSecurity News & History
Past Incidents
6
Attack Types
3
Luxottica
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: A data breach at Luxottica resulted in the exposure of 70 million consumers' personal data. Andrea Draghetti, a cybersecurity specialist, observed that a threat actor exposed Luxottica data, raising the possibility of a fresh data breach. Over 300 million records were included in a 140GB database that the threat actor leaked. According to the researchers, the archive (luxottica_nice.csv) contained 305.759.991 records, 74.417.098 unique email addresses, and 2.590.076 unique domain emails. Customer names, emails, phone numbers, residences, and birthdates are among the information that has been exposed.
Luxottica
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: The world's biggest eyewear company Luxottica was targeted by Windows Nefilim ransomware. The data about its financial and human resources operations was stolen and leaked on the dark web.
Luxottica of America Inc.
Cyber Attack
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: On August 9, 2020, Luxottica of America Inc. experienced a data breach due to an automated cyberattack, reported by the Washington State Office of the Attorney General on October 27, 2020. The incident compromised the personal information of approximately 12,166 individuals, including highly sensitive data such as names, Social Security numbers, and health-related records. The breach stemmed from an external cyber intrusion, exposing individuals to potential risks like identity theft, financial fraud, and unauthorized access to medical details. While the exact method of the attack (e.g., phishing, exploit of a vulnerability) was not specified, the scale and nature of the exposed data particularly SSNs and health information indicate a severe privacy violation with long-term repercussions for affected parties. The company was legally obligated to notify impacted individuals and regulatory bodies, though the broader operational or reputational consequences for Luxottica were not detailed in the report. The incident underscores the vulnerabilities in handling sensitive customer data, especially when automated cyberattacks exploit systemic weaknesses. No ransomware demands were mentioned, but the leak of personal and health data aligns with high-severity impacts under data protection frameworks.
EyeMed Vision Care
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: In 2020, EyeMed Vision Care suffered a phishing email breach where hackers accessed a shared inbox used by nine employees for enrollment processing. The compromised email, protected only by a weak password, contained six years of sensitive customer data, including personal and potentially financial information. The breach impacted up to 2.1 million individuals nationwide, though the class action settlement covered ~692,154 members. Regulatory fines and settlements have cost EyeMed over $12.6 million, including a $5M class action payout, $4.5M to New York’s DFS, $600K to the NY AG, and $2.5M to four other states. The company also faced mandatory security upgrades, including MFA enhancements, password audits, HIPAA risk assessments, and reduced email retention periods. The breach exposed customers to potential fraud, identity theft, and financial losses, with class members eligible for compensation up to $10,000 for documented damages. EyeMed denied wrongdoing but agreed to settlements to resolve negligence and compliance violation claims.
FGX International Inc
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The Indiana Office of the Attorney General reported that FGX International Inc experienced a data breach on May 7, 2020, affecting a total of 142 individuals, including 2 residents in Indiana. The breach notification was reported on September 22, 2020.
Eye Buy Direct, Inc.
Cyber Attack
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The Washington State Attorney General's Office reported that Eye Buy Direct, Inc. experienced a data breach potentially affecting the personal information of 17,031 Washington residents. The incident might have started as early as September 1, 2018, and was addressed by September 28, 2019. The breach type was a cyberattack, but specific details regarding the method of breach remain unclear.
Luxottica Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Luxottica
Incidents vs Luxury Goods & Jewelry Industry Average (This Year)
No incidents recorded for Luxottica in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Luxottica in 2026.
Incident Types Luxottica vs Luxury Goods & Jewelry Industry Avg (This Year)
No incidents recorded for Luxottica in 2026.
Incident History — Luxottica (X = Date, Y = Severity)
Luxottica cyber incidents detection timeline including parent company and subsidiaries
Luxottica Company Subsidiaries
#ToSeeTheBeautyOfLife™ is the vision that inspires Luxottica’s sustainable business approach and is an integral part of the Group’s strategy. It stems from a notion of universal beauty that comes to life at the intersection of personal well-being, respect for the environment, ethics and the transparency of relations. Learn more on www.luxottica.com/en/toseethebeautyoflife. Luxottica is a leader in the design, manufacture and distribution of fashion, luxury, sports and performance eyewear. Its portfolio includes proprietary brands such as Ray-Ban, Oakley, Vogue Eyewear, Persol, Oliver Peoples, Alain Mikli and Arnette, as well as over 20 licensed brands, including some of the most well-known and prestigious names in the global fashion and luxury industries. The Group’s global wholesale distribution network covers more than 150 countries and is complemented by an extensive retail network of approximately 9,200 stores, with LensCrafters and Pearle Vision in North America, OPSM and LensCrafters in Asia-Pacific, GMO and Óticas Carol in Latin America, Salmoiraghi & Viganò in Italy and Sunglass Hut worldwide. In 2019, with approximately 80,000 employees, Luxottica posted net sales of over Euro 9 billion. Additional information on the Group is available at www.luxottica.com.
Loading...
Luxottica Similar Companies
Vox Media
Vox Media, the leader in modern media, is home to a portfolio of top talent and engaging editorial brands that ignite conversations and set trends, including Eater, Vox, The Verge, SB Nation, The Dodo, New York Magazine, The Cut, and Vulture. The company’s podcast network is one of the largest in th
.png)
Luxottica CyberSecurity News
December 23, 2025 08:00 AM
Luxottica Sued Over Data Sharing With Google, Meta, Others
California residents sued eyewear giant Luxottica of America Inc. for allegedly tracking their online activity through third-party cookies...
December 19, 2024 08:00 AM
Luxottica Agrees $250,000 Settlement to Resolve Data Breach Litigation
Luxottica, the world's largest eyewear company, has agreed to settle class action data breach litigation related to a 2020 hacking incident...
December 18, 2024 08:00 AM
$250K Luxottica data breach class action settlement
Luxottica agreed to a $250000 class action lawsuit settlement to resolve claims a 2020 data breach compromised consumer information.
September 12, 2024 07:00 AM
Eye Spy A Payout: Luxottica Data Settlement Details Revealed
"Luxottica data settlement. If you were a patient at a Luxottica-owned or affiliated eye care practice in the United States,...
January 25, 2024 08:00 AM
Security Researchers Uncovered Massive Data Breach
Cybersecurity Consultant Bob Dyachenko, Owner, SecurityDiscovery.com, along with the Cybernews team, uncovered a massive data breach...
July 26, 2023 07:00 AM
EssilorLuxottica acquires Nuance Hearing for tens of millions of dollars to integrate
EssilorLuxottica, the world's largest eyewear group, has acquired Israeli startup Nuance Hearing. The deal, which was completed in late 2022.
May 26, 2023 09:16 AM
Careers
We are EssilorLuxottica, a global leader in world-class vision care products, including iconic eyewear, advanced lens technology and cutting-edge digital...
May 25, 2023 07:00 AM
IOTW: Luxottica confirms 2021 data leak of 70 million customers’ information | Cyber Security Hub
The breach was discovered after data was put up for sale on the dark web ... Italian eyewear brand Luxottica, parent company of Ray-Ban and Oakley...
May 22, 2023 07:00 AM
Luxottica admits to 2021 data breach that exposed personal information of 70 million customers
The company attributed it to a security incident suffered by a third-party contractor who was managing the company's customer data.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Luxottica CyberSecurity History Information
Official Website of Luxottica
The official website of Luxottica is http://www.luxottica.com.
Luxottica’s AI-Generated Cybersecurity Score
According to Rankiteo, Luxottica’s AI-generated cybersecurity score is 734, reflecting their Moderate security posture.
How many security badges does Luxottica’ have ?
According to Rankiteo, Luxottica currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Luxottica been affected by any supply chain cyber incidents ?
According to Rankiteo, Luxottica has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Luxottica have SOC 2 Type 1 certification ?
According to Rankiteo, Luxottica is not certified under SOC 2 Type 1.
Does Luxottica have SOC 2 Type 2 certification ?
According to Rankiteo, Luxottica does not hold a SOC 2 Type 2 certification.
Does Luxottica comply with GDPR ?
According to Rankiteo, Luxottica is not listed as GDPR compliant.
Does Luxottica have PCI DSS certification ?
According to Rankiteo, Luxottica does not currently maintain PCI DSS compliance.
Does Luxottica comply with HIPAA ?
According to Rankiteo, Luxottica is not compliant with HIPAA regulations.
Does Luxottica have ISO 27001 certification ?
According to Rankiteo,Luxottica is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Luxottica
Luxottica operates primarily in the Luxury Goods & Jewelry industry.
Number of Employees at Luxottica
Luxottica employs approximately 19,446 people worldwide.
Subsidiaries Owned by Luxottica
Luxottica presently has no subsidiaries across any sectors.
Luxottica’s LinkedIn Followers
Luxottica’s official LinkedIn profile has approximately 847,276 followers.
NAICS Classification of Luxottica
Luxottica is classified under the NAICS code None, which corresponds to Others.
Luxottica’s Presence on Crunchbase
No, Luxottica does not have a profile on Crunchbase.
Luxottica’s Presence on LinkedIn
Yes, Luxottica maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/luxottica.
Cybersecurity Incidents Involving Luxottica
As of January 24, 2026, Rankiteo reports that Luxottica has experienced 6 cybersecurity incidents.
Number of Peer and Competitor Companies
Luxottica has an estimated 392 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Luxottica ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware, Cyber Attack and Breach.
What was the total financial impact of these incidents on Luxottica ?
Total Financial Loss: The total financial loss from these incidents is estimated to be $12.60 million.
How does Luxottica detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with public disclosure via washington state attorney general, and incident response plan activated with yes (post-breach), and third party assistance with yes (third-party hipaa security risk assessment), and containment measures with shortened email retention period, containment measures with enhanced mfa, containment measures with password policy updates, and remediation measures with security awareness training, remediation measures with audit mechanisms for weak passwords, remediation measures with third-party risk assessment, and communication strategy with class-action settlement notifications, communication strategy with regulatory disclosures (hhs, state ags)..
Incident Details
Can you provide details on each incident ?
Title: Luxottica Ransomware Attack
Description: The world's biggest eyewear company Luxottica was targeted by Windows Nefilim ransomware. The data about its financial and human resources operations was stolen and leaked on the dark web.
Type: Ransomware
Attack Vector: Unknown
Motivation: Financial
Title: Luxottica Data Breach
Description: A data breach at Luxottica resulted in the exposure of 70 million consumers' personal data.
Type: Data Breach
Title: FGX International Inc Data Breach
Description: The Indiana Office of the Attorney General reported that FGX International Inc experienced a data breach on May 7, 2020, affecting a total of 142 individuals, including 2 residents in Indiana. The breach notification was reported on September 22, 2020.
Date Detected: 2020-05-07
Date Publicly Disclosed: 2020-09-22
Type: Data Breach
Title: Eye Buy Direct Data Breach
Description: Eye Buy Direct, Inc. experienced a data breach potentially affecting the personal information of 17,031 Washington residents due to a security incident that might have started as early as September 1, 2018, and was addressed by September 28, 2019.
Date Resolved: September 28, 2019
Type: Data Breach
Title: Luxottica of America Inc. Data Breach (2020)
Description: The Washington State Office of the Attorney General reported a data breach involving Luxottica of America Inc. on October 27, 2020. The breach occurred on August 9, 2020, due to an automated cyberattack affecting approximately 12,166 individuals, and potentially compromising personal information including names, Social Security numbers, and health-related data.
Date Detected: 2020-08-09
Date Publicly Disclosed: 2020-10-27
Type: Data Breach
Title: EyeMed Email Breach Settlement
Description: Vision care benefits firm EyeMed agreed to pay $5 million to settle class action litigation involving a 2020 phishing email data breach. The incident, which exposed sensitive customer data from a shared email inbox, has already cost the company over $12.6 million in regulatory fines and settlements across multiple states. The breach affected up to 2.1 million consumers nationwide, with 692,154 class members identified in the settlement. Security improvements mandated include enhanced MFA, password policies, HIPAA risk assessments, and third-party audits.
Date Detected: 2020-09
Date Publicly Disclosed: 2020-09
Type: Data Breach
Attack Vector: Phishing (compromised shared email inbox with weak password)
Vulnerability Exploited: Weak PasswordLack of MFAProlonged Email Retention (6+ years)Shared Inbox Access
Motivation: Financial Gain (data exfiltration for fraud/identity theft)
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Phishing email (compromised shared inbox).
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware LUX202211222
Data Compromised: Financial data, Human resources data
Incident : Data Breach LUX52424923
Data Compromised: Customer names, Emails, Phone numbers, Residences, Birthdates
Incident : Data Breach EYE249072825
Data Compromised: Personal Information
Incident : Data Breach ESS023091825
Data Compromised: Names, Social security numbers, Health-related data
Identity Theft Risk: High (PII exposed)
Incident : Data Breach EYE4802448100725
Financial Loss: $12.6M+ (regulatory fines, settlements, and litigation costs)
Data Compromised: Personal data, Sensitive customer information
Systems Affected: Shared Employee Email Inbox (enrollment processing)
Brand Reputation Impact: High (multiple regulatory actions and class-action lawsuit)
Legal Liabilities: $12.6M+ (fines: $4.5M NY DFS, $600K NY AG, $2.5M 4-state AG, $5M class-action)
Identity Theft Risk: High (personal data exposed)
What is the average financial loss per incident ?
Average Financial Loss: The average financial loss per incident is $2.10 million.
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Financial Data, Human Resources Data, , Customer Names, Emails, Phone Numbers, Residences, Birthdates, , Personal Information, Personal Identifiable Information (Pii), Protected Health Information (Phi), , Personal Data, Enrollment Information, Sensitive Customer Records and .
Which entities were affected by each incident ?
Incident : Data Breach LUX52424923
Entity Name: Luxottica
Entity Type: Company
Industry: Retail
Customers Affected: 70000000
Incident : Data Breach FGX254071625
Entity Name: FGX International Inc
Entity Type: Company
Customers Affected: 142
Incident : Data Breach EYE249072825
Entity Name: Eye Buy Direct, Inc.
Entity Type: Company
Industry: Retail
Customers Affected: 17,031 Washington residents
Incident : Data Breach ESS023091825
Entity Name: Luxottica of America Inc.
Entity Type: Corporation
Industry: Retail (Eyewear)
Location: United States
Customers Affected: 12166
Incident : Data Breach EYE4802448100725
Entity Name: EyeMed Vision Care
Entity Type: Healthcare (Vision Care Benefits Provider)
Industry: Healthcare
Location: Ohio, USA
Customers Affected: 2.1 million (nationwide); 692,154 (class members); 1.47 million (HHS report); 98,632 (New York residents)
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach ESS023091825
Communication Strategy: Public disclosure via Washington State Attorney General
Incident : Data Breach EYE4802448100725
Incident Response Plan Activated: Yes (post-breach)
Third Party Assistance: Yes (third-party HIPAA security risk assessment)
Containment Measures: Shortened email retention periodEnhanced MFAPassword policy updates
Remediation Measures: Security awareness trainingAudit mechanisms for weak passwordsThird-party risk assessment
Communication Strategy: Class-action settlement notificationsRegulatory disclosures (HHS, state AGs)
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as Yes (post-breach).
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Yes (third-party HIPAA security risk assessment).
Data Breach Information
What type of data was compromised in each breach ?
Incident : Ransomware LUX202211222
Type of Data Compromised: Financial data, Human resources data
Incident : Data Breach LUX52424923
Type of Data Compromised: Customer names, Emails, Phone numbers, Residences, Birthdates
Number of Records Exposed: 305759991
File Types Exposed: CSV
Incident : Data Breach FGX254071625
Number of Records Exposed: 142
Incident : Data Breach EYE249072825
Type of Data Compromised: Personal Information
Number of Records Exposed: 17,031
Incident : Data Breach ESS023091825
Type of Data Compromised: Personal identifiable information (pii), Protected health information (phi)
Number of Records Exposed: 12166
Sensitivity of Data: High
Personally Identifiable Information: namesSocial Security numbers
Incident : Data Breach EYE4802448100725
Type of Data Compromised: Personal data, Enrollment information, Sensitive customer records
Number of Records Exposed: 2.1 million (max estimate)
Sensitivity of Data: High (6+ years of customer data)
Data Exfiltration: Yes
Data Encryption: No (data stored in unencrypted email inbox)
File Types Exposed: EmailsAttachments (enrollment documents)
Personally Identifiable Information: Yes
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Security awareness training, Audit mechanisms for weak passwords, Third-party risk assessment, .
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by shortened email retention period, enhanced mfa, password policy updates and .
Ransomware Information
Was ransomware involved in any of the incidents ?
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Breach ESS023091825
Regulatory Notifications: Washington State Office of the Attorney General
Incident : Data Breach EYE4802448100725
Regulations Violated: HIPAA, California State Laws (e.g., CCPA), New York Financial Services Law (23 NYCRR 500),
Fines Imposed: $12.6M+ ($4.5M NY DFS, $600K NY AG, $2.5M 4-state AG, $5M class-action)
Legal Actions: Class-action lawsuit (settled 2026-01-07), NY DFS Consent Order (2022-10), NY AG Settlement (2022-01), 4-State AG Settlement (2023-05),
Regulatory Notifications: HHS (2020-09)State AGs (NY, NJ, FL, PA, OR)
How does the company ensure compliance with regulatory requirements ?
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Class-action lawsuit (settled 2026-01-07), NY DFS Consent Order (2022-10), NY AG Settlement (2022-01), 4-State AG Settlement (2023-05), .
Lessons Learned and Recommendations
What lessons were learned from each incident ?
Incident : Data Breach EYE4802448100725
Lessons Learned: Shared inboxes with weak passwords are high-risk targets for phishing., Prolonged data retention increases exposure in breaches., MFA and password policies must be enforced rigorously in healthcare., Regulatory non-compliance (e.g., HIPAA) amplifies financial and reputational damage.
What recommendations were made to prevent future incidents ?
Incident : Data Breach EYE4802448100725
Recommendations: Implement strict MFA for all email accounts, especially shared inboxes., Enforce password complexity and rotation policies with audits., Limit data retention periods to minimize breach impact., Conduct regular HIPAA security risk assessments with third-party auditors., Segment networks to isolate sensitive data (e.g., enrollment systems)., Train employees on phishing awareness and incident reporting.Implement strict MFA for all email accounts, especially shared inboxes., Enforce password complexity and rotation policies with audits., Limit data retention periods to minimize breach impact., Conduct regular HIPAA security risk assessments with third-party auditors., Segment networks to isolate sensitive data (e.g., enrollment systems)., Train employees on phishing awareness and incident reporting.Implement strict MFA for all email accounts, especially shared inboxes., Enforce password complexity and rotation policies with audits., Limit data retention periods to minimize breach impact., Conduct regular HIPAA security risk assessments with third-party auditors., Segment networks to isolate sensitive data (e.g., enrollment systems)., Train employees on phishing awareness and incident reporting.Implement strict MFA for all email accounts, especially shared inboxes., Enforce password complexity and rotation policies with audits., Limit data retention periods to minimize breach impact., Conduct regular HIPAA security risk assessments with third-party auditors., Segment networks to isolate sensitive data (e.g., enrollment systems)., Train employees on phishing awareness and incident reporting.Implement strict MFA for all email accounts, especially shared inboxes., Enforce password complexity and rotation policies with audits., Limit data retention periods to minimize breach impact., Conduct regular HIPAA security risk assessments with third-party auditors., Segment networks to isolate sensitive data (e.g., enrollment systems)., Train employees on phishing awareness and incident reporting.Implement strict MFA for all email accounts, especially shared inboxes., Enforce password complexity and rotation policies with audits., Limit data retention periods to minimize breach impact., Conduct regular HIPAA security risk assessments with third-party auditors., Segment networks to isolate sensitive data (e.g., enrollment systems)., Train employees on phishing awareness and incident reporting.
What are the key lessons learned from past incidents ?
Key Lessons Learned: The key lessons learned from past incidents are Shared inboxes with weak passwords are high-risk targets for phishing.,Prolonged data retention increases exposure in breaches.,MFA and password policies must be enforced rigorously in healthcare.,Regulatory non-compliance (e.g., HIPAA) amplifies financial and reputational damage.
References
Where can I find more information about each incident ?
Incident : Data Breach FGX254071625
Source: Indiana Office of the Attorney General
Incident : Data Breach EYE249072825
Source: Washington State Attorney General's Office
Incident : Data Breach ESS023091825
Source: Washington State Office of the Attorney General
Date Accessed: 2020-10-27
Incident : Data Breach EYE4802448100725
Source: Information Security Media Group (ISMG)
Incident : Data Breach EYE4802448100725
Source: NY DFS Consent Order (2022-10)
Incident : Data Breach EYE4802448100725
Source: NY AG Settlement (2022-01)
Incident : Data Breach EYE4802448100725
Source: 4-State AG Settlement (NJ, FL, PA, OR; 2023-05)
Incident : Data Breach EYE4802448100725
Source: HHS Breach Report (2020-09)
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Indiana Office of the Attorney General, and Source: Washington State Attorney General's Office, and Source: Washington State Office of the Attorney GeneralDate Accessed: 2020-10-27, and Source: Information Security Media Group (ISMG), and Source: NY DFS Consent Order (2022-10), and Source: NY AG Settlement (2022-01), and Source: 4-State AG Settlement (NJ, FL, PA, OR; 2023-05), and Source: HHS Breach Report (2020-09).
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach EYE4802448100725
Investigation Status: Closed (settlements finalized; final court hearing on 2026-01-07)
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Public disclosure via Washington State Attorney General, Class-Action Settlement Notifications, Regulatory Disclosures (Hhs and State Ags).
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach EYE4802448100725
Stakeholder Advisories: Class-Action Settlement Notices, Regulatory Filings (Hhs, State Ags).
Customer Advisories: Breach notifications (2020)Settlement claims process (up to $10,100 per affected individual)
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Class-Action Settlement Notices, Regulatory Filings (Hhs, State Ags), Breach Notifications (2020), Settlement Claims Process (Up To $10,100 Per Affected Individual) and .
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach EYE4802448100725
Entry Point: Phishing email (compromised shared inbox)
High Value Targets: Customer Enrollment Data, Pii,
Data Sold on Dark Web: Customer Enrollment Data, Pii,
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach ESS023091825
Root Causes: Automated cyberattack (unspecified)
Incident : Data Breach EYE4802448100725
Root Causes: Weak Password On Shared Email Inbox, Lack Of Mfa, Excessive Data Retention (6+ Years), Inadequate Hipaa Compliance (Risk Assessments),
Corrective Actions: Enhanced Mfa And Password Policies, Third-Party Hipaa Security Risk Assessment, Reduced Email Retention Periods, Mandatory Security Awareness Training, Audit Mechanisms For Weak Passwords,
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Enhanced Mfa And Password Policies, Third-Party Hipaa Security Risk Assessment, Reduced Email Retention Periods, Mandatory Security Awareness Training, Audit Mechanisms For Weak Passwords, .
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2020-05-07.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2020-09.
What was the most recent incident resolved ?
Most Recent Incident Resolved: The most recent incident resolved was on September 28, 2019.
Impact of the Incidents
What was the highest financial loss from an incident ?
Highest Financial Loss: The highest financial loss from an incident was $12.6M+ (regulatory fines, settlements, and litigation costs).
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Financial data, Human resources data, , Customer names, Emails, Phone numbers, Residences, Birthdates, , Personal Information, names, Social Security numbers, health-related data, , Personal Data, Sensitive Customer Information and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Shared Employee Email Inbox (enrollment processing).
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Shortened email retention periodEnhanced MFAPassword policy updates.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Phone numbers, Financial data, names, Social Security numbers, Personal Data, Sensitive Customer Information, Human resources data, health-related data, Residences, Personal Information, Emails, Birthdates and Customer names.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 2.1M.
Regulatory Compliance
What was the highest fine imposed for a regulatory violation ?
Highest Fine Imposed: The highest fine imposed for a regulatory violation was $12.6M+ ($4.5M NY DFS, $600K NY AG, $2.5M 4-state AG, $5M class-action).
What was the most significant legal action taken for a regulatory violation ?
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Class-action lawsuit (settled 2026-01-07), NY DFS Consent Order (2022-10), NY AG Settlement (2022-01), 4-State AG Settlement (2023-05), .
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents ?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Regulatory non-compliance (e.g., HIPAA) amplifies financial and reputational damage.
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Conduct regular HIPAA security risk assessments with third-party auditors., Train employees on phishing awareness and incident reporting., Implement strict MFA for all email accounts, especially shared inboxes., Segment networks to isolate sensitive data (e.g., enrollment systems)., Enforce password complexity and rotation policies with audits. and Limit data retention periods to minimize breach impact..
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are 4-State AG Settlement (NJ, FL, PA, OR; 2023-05), NY DFS Consent Order (2022-10), Information Security Media Group (ISMG), HHS Breach Report (2020-09), Indiana Office of the Attorney General, Washington State Office of the Attorney General, NY AG Settlement (2022-01) and Washington State Attorney General's Office.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Closed (settlements finalized; final court hearing on 2026-01-07).
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was Class-action settlement notices, Regulatory filings (HHS, state AGs), .
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued were an Breach notifications (2020)Settlement claims process (up to $10 and100 per affected individual).
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Phishing email (compromised shared inbox).
Post-Incident Analysis
What was the most significant root cause identified in post-incident analysis ?
Most Significant Root Cause: The most significant root cause identified in post-incident analysis was Automated cyberattack (unspecified), Weak password on shared email inboxLack of MFAExcessive data retention (6+ years)Inadequate HIPAA compliance (risk assessments).
What was the most significant corrective action taken based on post-incident analysis ?
Most Significant Corrective Action: The most significant corrective action taken based on post-incident analysis was Enhanced MFA and password policiesThird-party HIPAA security risk assessmentReduced email retention periodsMandatory security awareness trainingAudit mechanisms for weak passwords.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template `login.twig` of versions 2.19.1 and below. The `username` value can be echoed back without proper contextual encoding when authentication fails. An attacker can execute script in the login page context. This issue has been fixed in version 2.19.2.
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Description
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the unsafe innerHTML property to render domain search results.
Description
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension during the save process. This allows an unauthenticated attacker to upload arbitrary PHP code by spoofing the MIME type as an image, leading to full system compromise.
Description
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.
Risk Information
cvss3
Base: 6.0
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
cvss4
Base: 6.0
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description
An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 is a broken cryptographic function, the hashes can be easily reversed using public tools, exposing user credentials in plaintext. This allows remote attackers to perform unauthorized logins and potentially gain access to sensitive POS operations or backend functions.
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=luxottica' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
