.png)
EyeCare Partners Data Breach Lawsuit Investigation
Shamis & Gentile P.A., one of the nation's premier class action law firms specializing in data breach cases, is investigating the EyeCare Partners, LLC data breach.
If you were affected by the data breach, your sensitive personally identifiable information may have been exposed, and you may be eligible for compensation.
About EyeCare Partners
EyeCare Partners, also known as ECP, is a major provider in the hospital and health care industry, focusing on eye care services. Headquartered in St. Louis, Missouri, ECP operates a national network across more than 700 affiliated practice locations in 18 states.
ECP manages a broad range of services, from routine optometry to advanced ophthalmology subspecialties.
What Happened?
On or around Jan. 28, 2025, EyeCare Partners discovered suspicious activity in an ECP-managed email account.
The company secured the account and launched an internal investigation, later bringing in a forensic security firm to assess the situation. The investigation found that an unauthorized third party had temporary access to certain ECP-managed email accounts between Dec. 3, 2024, and Jan. 28, 2025.
By Nov. 11, 2025, ECP determined that personal information was potentially accessed. The types of information exposed varied by individual.
The breach was reported to the Massachusetts Attorney General's Office on Feb. 4, 2026.
In Massachusetts, three individuals were reported as affected. The number of affected individuals across the nation is not specifiedin current disclosures.
Information Exposed:
- Names
- Contact information
- Social Security numbers
- Dates of birth
- Driver's licenses
- Government identification numbers
- Health plan information
- Limited clinical information
Your Rights and Next Steps
If you received a notice from ECP or suspect your information was involved, there are important steps you can take to protect yourself.
ECP has offered complimentary single bureau credit monitoring, credit report, and credit score services for 24 months through Cyberscout, a TransUnion company. It is important to enroll within 90 days of receiving the notification to take advantage of these services.
In addition, you may want to:
- Review your account statements and credit reports for any suspicious activity
- Place a fraud alert or security freeze on your credit reports with Equifax, Experian, and TransUnion
- Report any suspected identity theft to local law enforcement, your state attorney general, and the Federal Trade Commission (FTC)
- Obtain free weekly credit reports
Taking these steps can help reduce the risk of identity theft or fraud. Even if there is no evidence that your information has been misused, staying vigilant is important.
You May Be Entitled to Compensation
If you were affected by the EyeCare Partners data breach, you may be eligible for compensation. Data breach laws are designed to protect consumers, and lawyers are ready to help individuals seek justice and financial recovery for any harm suffered as a result of this incident.
To find out if you qualify and to join a lawsuit, complete the below form. Lawyers are actively investigating claims and can help guide you through the process.
.svg)