Please note that log in for BLAW products will be unavailable for scheduled maintenance on Sunday, February 5th from approximately 4 AM to 5 AM EST.
Bloomberg Law
Free Newsletter Sign Up
Login
BROWSE
Bloomberg Law
Welcome
Login
Advanced Search Go
Free Newsletter Sign Up

New York Fines EyeMed $4.5 Million for Customer Data Breach (1)

Oct. 18, 2022, 4:16 PMUpdated: Oct. 19, 2022, 3:56 PM

EyeMed Vision Care LLC must pay a $4.5 million penalty to New York for an email data breach that exposed customer information in violation of the state’s cybersecurity regulation.

The company agreed to take steps toward better securing its data as part of a settlement with the New York State Department of Financial Services, the agency announced Tuesday.

A bad actor gained access to a shared EyeMed email account that contained more than six years’ worth of information on customers, including minors, following a July 2020 phishing attack, according to the department’s investigation.

The department found that EyeMed failed to ...