News and Updates on Information Technology

Italy – Luxottica

Exploit: Ransomware
Luxottica: Eyewear Manufacturer 

Risk to Small Business: 2.237 = Severe

After suffering a nasty cyberattack a few months ago that severely impacted operations, eyewear giant Luxottica is in hot water again. Newly uncovered data from Dark Web sources that protected health information and PII for thousands of consumers who patronize common eyewear retailers. Sensitive company data was also stolen including contract information, financial information, and human resource documents. hackers have already begun releasing this data.

Individual Risk: 2.379 = Severe

The leaked data contained customer contact details, health insurance policy numbers, and appointment notes related to treatment, such as health conditions, procedures, and prescriptions, as well as other sensitive data, including the credit card information and Social Security information of some patients that patronize major eyewear retailers including LensCrafters, Sunglass Hut, and Pearle Vision, along with users of the EyeMed vision care plan. Consumers stay alert to identity theft and spear phishing possibilities.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Failure to adequately protect medical data is an expensive proposition and will undoubtedly draw the wrath of regulators in the US and EU. It pays to remember that one employee interacting with one phishing email can always be a recipe for disaster.