EyeMed Breach - June 2020 and July 2020
Date: June, 2020EyeMed is an Ohio-based vision insurance provider. It works with companies and individuals looking for insurance.
What Was the Breach?
The breach was unauthorized access to 2.1 million individuals’ non-public information (NPI). The hack lasted a week; in this time, the hacker could access more than six years’ worth of NPI, resulting in widespread panic. The information taken in the initial hack made it possible for the hacker to start another attack less than a month after their first. Notifications were not sent to affected parties until September 2020, three months after the first breach.
How Did the Breach Occur?
The breach occurred when a bad actor gained access to an employee’s email and used that access for personal gain. Not even a month after the initial breach, the hacker used the previously stolen email and sent out thousands of phishing attacks.
When Did This Breach Occur?
This breach occurred in June 2020 and then again in July 2020.
Who Does the Breach Impact?
The breach impacts a surprisingly small number of EyeMed customers. The insurers have over 62 million customers, which means that only about three percent of customers were affected by this breach.
How Many Files Does the Breach Affect?
The breach affected 2.1 million files. While the number may seem incredibly large, one must remember that many violations have had tens of millions of victims. The biggest data breach in history was a Yahoo! breach that affected 3 billion users.
Recent Breaches
Cisco Duo Breach
Cisco Duo is an access security provider that offers solutions for small business and commercial control products, including multi-factor authentication (MFA), single sign-on, and access control services....
AT&T Breach
American Telephone and Telegraph Company (AT&T) is the fourth-largest telecommunications provider, behind Verizon, Comcast, and China’s state-funded communications solution...
Fujitsu Limited Breach
Fujitsu Limited is the world’s sixth-largest IT service provider. Based in the Minato City ward of Tokyo, Japan, Fujitsu offers various technology solutions for personal and commercial use...
Cybersecurity and Infrastructure Security Agency Breach
The CISA collaborates with other government agencies to notify victims of breaches and respond to threats. These include the Federal Bureau of Investigation, the Multi-State Information Sharing & Analysis...
Roku Inc. Breach
Roku is a global streaming and entertainment organization. It offers solutions for direct streaming, live channels, music, niche channel entertainment, smart home devices, travel technology, audio options,...