Security News > 2023 > May > Luxottica confirms 2021 data breach after info of 70M leaks online
Luxottica has confirmed one of its partners suffered a data breach in 2021 that exposed the personal information of 70 million customers after a database was posted this month for free on hacking forums.
Luxottica suffered a data breach in August 2020 that exposed the personal information of 829,454 EyeMed and Lenscrafters patients.
Draghetti also determined the exfiltration date to be March 16th, 2021, based on the most recent database records, which meant that the data likely originated from a previously undisclosed data breach.
After BleepingComputer contacted Luxottica about the published data, the firm confirmed that the leaked data came from a security incident that impacted a third-party contractor holding customer data.
Troy Hunt, the owner of the "Have I Been Pwned" data breach notification service, told BleepingComputer that the leaked data includes 77,093,812 unique accounts, 74% of which are already in the platform's records.
Hunt told us that HIBP will send out over 320,000 notices of a breach to subscribers of the platform today concerning the 2021 Luxottica data breach.
News URL
Related news
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Texas Tech University System data breach impacts 1.4 million patients (source)
- Ireland fines Meta $264 million over 2018 Facebook data breach (source)
- New fake Ledger data breach emails try to steal crypto wallets (source)
- Meta Fined €251 Million for 2018 Data Breach Impacting 29 Million Accounts (source)
- 46% of financial institutions had a data breach in the past 24 months (source)
- Ransomware gang leaks data stolen in Rhode Island's RIBridges Breach (source)
- UN aviation agency investigating possible data breach (source)
- Washington state sues T-Mobile over 2021 data breach security failures (source)
- Largest US addiction treatment provider notifies patients of data breach (source)