Bloomberg Law
Oct. 18, 2022, 4:16 PMUpdated: Oct. 19, 2022, 3:56 PM

New York Fines EyeMed $4.5 Million for Customer Data Breach (1)

Andrea Vittorio
Andrea Vittorio

EyeMed Vision Care LLC must pay a $4.5 million penalty to New York for an email data breach that exposed customer information in violation of the state’s cybersecurity regulation.

The company agreed to take steps toward better securing its data as part of a settlement with the New York State Department of Financial Services, the agency announced Tuesday.

A bad actor gained access to a shared EyeMed email account that contained more than six years’ worth of information on customers, including minors, following a July 2020 phishing attack, according to the department’s investigation.

The department found that EyeMed failed to ...

Learn more about Bloomberg Law or Log In to keep reading:

Learn About Bloomberg Law

AI-powered legal analytics, workflow tools and premium legal & business news.

Already a subscriber?

Log in to keep reading or access research tools.