Dedicated to the pursuit of justice

Aetna and EyeMed Data Breach

December 18, 2020 Data Breaches

On July 1, 2020, EyeMed experienced a data breach when an unauthorized user gained access to the EyeMed mailbox and initiated a phishing scam to email addresses in the mailbox.  EyeMed is owned by Luxottica Group, which also suffered a separate data breach.

The compromised server contained email addresses of past and current customers who receive benefits through EyeMed. In addition, individuals with coverage through Aetna Vision Network may have been impacted by the breach. EyeMed provides administration services to Aetna for individuals who have ancillary vision coverage.

EyeMed reported that the cyberattack first occurred on June 24, 2020 and was discovered and shutdown on July 1,2020.

The company has identified those affected and contacted them.  However, it appears that EyeMed continues to discover more individuals and entities affected by the phishing scam.

A phishing scam is when hackers gain access to individuals’ personal and financial information by impersonating legitimate organizations. Gaining and maintaining access to EyeMed and Aetna client email addresses for almost a week has put individuals at risk of identity theft and more.

The data breach notification does not stipulate if any of the stolen information has been used nefariously. However, this does not mean that individuals are safe from future attacks.

Cyber criminals are known to sell batches of information on the dark web which could be used against individuals in the future.

The lack of adequate security measures in place by EyeMed and Aetna has put numerous clients at current and future risk of identify theft, fraud and more.

CaseyGerry is representing individuals affected by the EyeMed and Aetna Data Breach. If your vision network provider is under EyeMed Vision LLC, or Aetna Vision, and you have received notice of the breach, please contact our attorneys at (619) 238-1811 today for a confidential consultation.

Our attorneys have a successful track record of representing individuals affected by data breaches due to inadequate data security measures in place by companies.  Some of our recent cases include Yahoo! Inc. Data Breaches Class Action, Sony, Citrix and more.