Ocuco Inc, an eyecare software solutions company has experienced a major data breach affecting several thousand individuals. Ocuco’s software is widely used across the optical industry, serving thousands of practices, clinics, and labs.
A ransomware attack compromised Ocuco’s systems, impacting both personally identifiable information (PII) and protected health information (PHI). The cybersecurity incident was disclosed to the U.S. Department of Health and Human Services on May 30, 2025, reporting a total of 240,961 individuals in the United States were affected.
The ransomware attack was carried out by a group known as Kill Security (also referred to as “killsec”), with the incident first surfacing on the dark web on April 1, 2025. The attackers claimed responsibility and posted details about the hack on the Tor network.
While the specific types of data exposed is still being investigated, a data breach compromising PII and PHI may involve dates of birth, contact information, health records and payment or insurance details. The data breach was disclosed to the Massachusetts Attorney General's office on June 20, 2025, reporting 197 Massachusetts residents affected.
The incident was later reported to the Texas Attorney General's office on June 30, 2025, disclosing 39,319 Texas residents were affected by the breach. A subsequent disclosure was made to the AG's office of California on July 11th.
The company has begun reporting the incident to federal authorities. Customers and affected individuals will be notified in accordance with regulatory requirements.
If you believe your personal or protected health information may have been compromised in this data breach:
For more information about the company and its services, visit the Ocuco website.