EyeMed Vision Care Data Breach (2020)

EyeMed Vision Care LLC located in Ohio is a vision benefits firm, which discovered unauthorized access to its corporate email mailbox. The unauthorized person used the account to distribute phishing emails to contacts in the address book. On July 1, 2020, EyeMedVision Care discovered the breach and secured the account immediately. A breach investigation confirmed that the unauthorized person got access to the email account on June 24, 2020. The email account held the electronic protected health information (ePHI) of people who presently or have formerly got vision benefits from EyeMed. The following information is contained in the email account: names, dates of birth, email addresses, addresses, telephone numbers, and vision insurance account/identification numbers. Some persons likewise had their diagnoses and eye conditions, treatment data, and full or partial Social Security numbers included in the account. It wasn’t possible to ascertain if any of the details were viewed or gotten by the hacker during the time the email account was accessible. Nevertheless, there is no information received that indicate the misuse of any data. EyeMed Vision Care provided the affected people a two-year complimentary credit monitoring and identity protection services membership. EyeMed has since provided its workers with extra security awareness training and has carried out stricter security procedures for authorized access to its network.