Security News > 2023 > May > Luxottica confirms 2021 data breach after info of 70M leaks online
Luxottica has confirmed one of its partners suffered a data breach in 2021 that exposed the personal information of 70 million customers after a database was posted this month for free on hacking forums.
Luxottica suffered a data breach in August 2020 that exposed the personal information of 829,454 EyeMed and Lenscrafters patients.
Draghetti also determined the exfiltration date to be March 16th, 2021, based on the most recent database records, which meant that the data likely originated from a previously undisclosed data breach.
After BleepingComputer contacted Luxottica about the published data, the firm confirmed that the leaked data came from a security incident that impacted a third-party contractor holding customer data.
Troy Hunt, the owner of the "Have I Been Pwned" data breach notification service, told BleepingComputer that the leaked data includes 77,093,812 unique accounts, 74% of which are already in the platform's records.
Hunt told us that HIBP will send out over 320,000 notices of a breach to subscribers of the platform today concerning the 2021 Luxottica data breach.
News URL
Related news
- Hertz confirms customer info, drivers' licenses stolen in data breach (source)
- Hertz data breach: Customers in US, EU, UK, Australia and Canada affected (source)
- Landmark Admin data breach impact now reaches 1.6 million people (source)
- CISA warns of increased breach risks following Oracle Cloud leak (source)
- Entertainment services giant Legends International discloses data breach (source)
- 2025 Data Breach Investigations Report: Third-party breaches double (source)
- Yale New Haven Health data breach affects 5.5 million patients (source)
- Frederick Health data breach impacts nearly 1 million patients (source)
- Baltimore City Public Schools data breach affects over 31,000 people (source)
- VeriSource now says February data breach impacts 4 million people (source)