Eyemart Express Data Breach: Social Security Numbers

Eyemart Express, a national optical retailer founded in 1990 with nearly 250 stores across 42 states, has been targeted in a data breach involving highly sensitive personal and medical information.

A filing with details of the breach was posted to the Texas Attorney General on April 17, 2026. The total number of individuals affected across the United States has not been specified publicly at this time.

On March 10, 2026, Payouts King, a ransomware group, posted on the dark web claiming to have obtained 435 gigabytes of Eyemart Express' internal data.

According to the group's claims, the compromised information includes corporate correspondence, employee personally identifiable information, financial documents, payroll reports, customer medical records, accident reports, corporate documents, non-disclosure agreements, contracts and employee personal folders and documents. The breadth of the claimed data reportedly spans customer records, employee files and internal corporate documents.

The types of consumer information confirmed to have been exposed in the breach include personally identifiable information (PII) such as names, addresses, Social Security numbers, driver's license numbers and dates of birth. The breach also involved protected health information (PHI), including medical information and health insurance information.

Eyemart Express' response to the breach

At this time, no details regarding credit monitoring, identity protection services or other resources for affected individuals have been included in publicly available records at this time.

Because highly sensitive information was involved in this breach, affected individuals may want to take protective action rather than waiting for a formal notification from the company.

Consumers who have provided personal or medical information to Eyemart Express should remain alert for any unusual activity on their financial accounts and health insurance statements in the coming weeks and months as the situation continues to develop.

Consumers should also review any future notifications from the company carefully for additional instructions and available resources.

Steps to take if your information was exposed

• Place a fraud alert or credit freeze. Contact Equifax (1-800-525-6285), Experian (1-888-397-3742) and TransUnion (1-800-680-7289) to restrict access to credit files and help prevent unauthorized accounts from being opened.
• Review credit reports for unfamiliar activity. Request free credit reports at AnnualCreditReport.com and carefully examine them for accounts, inquiries or other activity that is not recognized.
• Monitor health insurance statements. Review Explanation of Benefits statements from health insurers for medical services, prescriptions or claims that were not authorized or recognized.
• Be cautious of phishing attempts. Watch for emails, phone calls or text messages that reference Eyemart Express or this data breach by name, as scammers frequently use breach notifications to trick people into revealing additional personal information.
• Check for misuse of your driver's license number. Contact the relevant state Department of Motor Vehicles to verify that no unauthorized activity has been linked to the license number.
• Monitor Social Security activity. Create or review an account at ssa.gov to check earnings statements and watch for any signs that someone else may be using the Social Security number without authorization.