Panorama Eyecare Data Breach Affects 377,911 People, Leaking Social Security Numbers

On May 9, 2024, Panorama Eyecare discovered a significant data breach that affected 377,911 individuals in the United States. This breach exposed a wide range of sensitive consumer information, including names, addresses, Social Security numbers, driver's license numbers, medical information, health insurance details, dates of birth, and financial account numbers. The unauthorized access to Panorama Eyecare's internal network occurred between May 22, 2023, and June 4, 2023. During this period, an unauthorized party accessed and potentially removed certain files from the network environment.

The exposed information includes:

• Name of individual
• Address
• Social Security Number
• Driver’s License number
• Medical Information
• Health Insurance Information
• Date of Birth
• Financial Account Number or Credit/Debit Card Number (in combination with security code, access code, password, or PIN for the account)

The breach was disclosed to the Maine Attorney General's office, Texas Attorney General's office, and Massachusetts Attorney General's office. The notification to consumers was issued on June 5, 2024, through U.S. Mail and postings on the company's website.

Panorama Eyecare's Response

Upon discovering the breach, Panorama Eyecare took immediate action to secure their environment and initiated a thorough investigation. They worked closely with external cybersecurity professionals to conduct a comprehensive review of the impacted files. As a precautionary measure, Panorama Eyecare is offering affected individuals access to complimentary services through Experian IdentityWorksSM for a specified period. This includes identity restoration support and credit monitoring services to help protect against potential misuse of personal information.

Steps for Affected Individuals

If you are affected by this data breach, here are some steps you should take:

1. Enroll in Complimentary Credit Monitoring: Panorama Eyecare is providing affected individuals with access to Experian IdentityWorksSM. This service includes identity restoration support and credit monitoring. Ensure you enroll by the specified date using the provided activation code.
2. Place a Fraud Alert: Contact any of the three major credit bureaus (Equifax, Experian, TransUnion) to place a fraud alert on your credit files. This will inform creditors of possible fraudulent activity and request that they contact you before establishing any accounts in your name.
3. Consider a Security Freeze: If you are very concerned about becoming a victim of fraud or identity theft, you may request a security freeze on your credit file. This prohibits consumer reporting agencies from releasing your credit report without your express authorization.
4. Monitor Your Credit Reports: Under federal law, you are entitled to one free credit report every 12 months from each of the three major credit reporting companies. Regularly review your credit reports for discrepancies and report any suspicious activity.
5. Protect Your Medical Information: Review your health insurance statements and follow up with your insurance company or care provider for any items you do not recognize. Request a current year-to-date report of all services paid for you as a beneficiary.
6. Report Suspicious Activity: If you find any suspicious activity on your credit reports or have reason to believe your information is being misused, file a police report and contact the Federal Trade Commission (FTC) at www.ftc.gov/idtheft.