
Laurel Eye Clinic, a multi-location ophthalmology and optometry practice based in Brookville, Pennsylvania, disclosed a data breach affecting approximately 42,295 people in the United States.
On Jan. 26, 2025, Laurel Eye Clinic experienced a network disruption that impacted the functionality and access of its computer systems. Upon discovering the suspicious activity, the clinic disconnected all access to its network and engaged a specialized third-party cybersecurity firm to help secure the environment and conduct a forensic investigation into the nature and scope of the incident.
Laurel Eye Clinic posted a notice of the data incident on its website in March 2025, soon after the discovery of the breach.
By March 6, 2025, the investigation found evidence that certain files belonging to the clinic had been obtained by an unauthorized user. A comprehensive review of the affected data was completed on Oct. 30, 2025.
After completing the review, the company spent additional months verifying the identities of affected individuals and obtaining their contact information. On April 15, 2026, Laurel Eye Clinic finalized its list of individuals to notify and began sending out notices on April 22, 2026.
According to their respective state's filing, 22 Maine residents, 4 New Hampshire residents and 37 Massachusetts residents were reported to have been affected.
The types of personally identifiable information that may have been exposed include names, dates of birth, driver's licenses, Social Security numbers, financial account numbers and routing numbers.
Protected health information may also have been compromised, including clinical information, medical treatment and procedure information, health insurance account numbers, patient ID numbers, provider names and provider locations. The specific types of information affected vary for each individual, according to the company's notification letters.
Laurel Eye Clinic is offering 12 months of complimentary single-bureau credit monitoring, credit report and credit score services through Cyberscout, a TransUnion company. These services provide alerts when changes occur to an individual's credit file. The company is also offering proactive fraud assistance and identity theft restoration services.
Affected individuals will receive a notification letter by U.S. First Class Mail containing a unique enrollment code and instructions for signing up. Enrollment must be completed within 90 days of the date of the letter.
For questions about the breach or help enrolling in the complimentary credit monitoring, affected individuals can call 1-833-289-9962 (toll free) Monday through Friday from 8 a.m. to 8 p.m. Eastern time, excluding U.S. national holidays.
Individuals can also reach Laurel Eye Clinic directly by phone at 814-949-8808 or by mail at 50 Waterford Pike, Brookville, Pennsylvania 15825.








.webp)
.webp)
.webp)

.webp)
.webp)
.webp)
.webp)