Ocuco Inc Data Breach Affects 240,961 Americans: SSNs Exposed

Published

June 12, 2025

Updated

July 30, 2025

Ocuco

Types of INFORMATION affected

Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info

Ocuco Inc, an eyecare software solutions company has experienced a major data breach affecting several thousand individuals. Ocuco’s software is widely used across the optical industry, serving thousands of practices, clinics, and labs.

A ransomware attack compromised Ocuco’s systems, impacting both personally identifiable information (PII) and protected health information (PHI). The cybersecurity incident was disclosed to the U.S. Department of Health and Human Services on May 30, 2025, reporting a total of 240,961 individuals in the United States were affected.

The ransomware attack was carried out by a group known as Kill Security (also referred to as “killsec”), with the incident first surfacing on the dark web on April 1, 2025. The attackers claimed responsibility and posted details about the hack on the Tor network.

While the specific types of data exposed is still being investigated, a data breach compromising PII and PHI may involve dates of birth, contact information, health records and payment or insurance details. The data breach was disclosed to the Massachusetts Attorney General's office on June 20, 2025, reporting 197 Massachusetts residents affected.

The incident was later reported to the Texas Attorney General's office on June 30, 2025, disclosing 39,319 Texas residents were affected by the breach. A subsequent disclosure was made to the AG's office of California on July 11th.

Ocuco's response

The company has begun reporting the incident to federal authorities. Customers and affected individuals will be notified in accordance with regulatory requirements.

If you believe your personal or protected health information may have been compromised in this data breach:

Carefully review any notice or communication you receive from Ocuco or your eyecare provider.
Monitor financial accounts and credit reports for signs of identity theft.
Consider placing fraud alerts or credit freezes with major credit bureaus.
Be cautious of unsolicited emails or phone calls requesting personal information.

For more information about the company and its services, visit the Ocuco website.

Protect Your Data

A breach notice means your personal details could be circulating far beyond the organization involved. One practical step is continuous monitoring: services such as Identity Defender (included with an ExpressVPN subscription) can automatically check dark-web markets, flag new credit-file activity, and request removal of your information from data-broker sites.

This kind of “early-warning system” can’t undo a breach, but it can help you spot misuse quickly and limit further exposure. ExpressVPN is offering 61% off, risk-free for 30 days, with ID Theft Insurance included and no extra cost for those who sign up for one or two years.