Tri-Century Eye Care Data Breach Exposes PII & PHI of 200K+

On Sept. 3, 2025, Tri-Century Eye Care, an ophthalmology practice with multiple locations in Pennsylvania, detected suspicious activity within its internal network. An investigation took place and on Sept. 19, 2025, cybersecurity experts determined that a data breach compromised both personal and protected health information (PHI) belonging to 200,000 current and former patients and employees.

The eye care practice published a notice of data security incident on its website on Oct. 30, 2025. Exposed information included names, Social Security numbers, dates of birth, medical or health information, health care treatment or diagnostic information, health insurance information, billing or payment information, and tax or financial information.

The PEAR ransomware group claimed responsibility for the attack, announcing on a dark web forum on Sept. 18, 2025, that they had obtained sensitive information from the organization. Cyberattacks of this nature involve using malicious software to infiltrate the network and exfiltrate files. The stolen data could put those affected at risk for identity theft, financial fraud, and exposure of sensitive medical information.

The company disclosed the data breach to the U.S. Department of Health and Human Services on Oct. 31, 2025.

Tri-Century Eye Care's response

In response to the cybersecurity incident, Tri-Century Eye Care secured its environment, engaged cybersecurity experts and notified law enforcement. The company also implemented several enhanced security measures, including stronger password requirements, more frequent password changes, reduced access permissions, and offline storage of older data.

If you believe your personal information may have been compromised in this breach:

• Carefully review any notice or communication you receive from Tri-Century Eye Care.
• Monitor financial accounts and credit reports for signs of identity theft.
• Consider placing fraud alerts or credit freezes with the major credit bureaus.
• Be cautious of unsolicited emails or phone calls requesting personal information.

Tri-Century Eye Care has also established a toll-free call center for individuals with questions at 800-405-6108, available Monday through Friday from 8 a.m. to 8 p.m. ET.