Luxottica of America, Inc. (“Luxottica”) is an owner of and/or service provider to eye care practices across the country. We recently learned that on August 5th an unauthorized person accessed the Luxottica-managed web application used for appointment scheduling.
On August 9, 2020, Luxottica learned of the incident, contained it, and immediately began an investigation to determine the extent of the incident. On August 28, 2020, we preliminarily concluded that the attacker may have accessed and acquired patient information.
The personal information involved in this incident may have included: full name, contact information, appointment date and time, health insurance policy number, and doctor or appointment notes that may indicate information related to eye care treatment, such as prescriptions, health conditions or procedures.
Luxottica is not aware of any misuse of personal information or harm to patients as a result of this incident. Nonetheless, we encourage potentially impacted individuals to remain vigilant. If you discover any suspicious activity on your accounts or if you suspect identity theft or fraud, report it immediately to your health plan or insurer.
We regret that this incident occurred and take our data protection responsibilities very seriously. We have taken measures to enhance our security controls and prevent this type of incident from recurring, including implementing additional access restrictions on our patient scheduling platform. We also notified federal law enforcement of this matter.
On October 27, 2020, Luxottica will begin mailing notice of the incident to impacted patients for whom the impacted eye care practices had current contact information. Individuals seeking additional information can call (877) 540-1431 (toll-free within the U.S. and Canada) or 1-629-221-3530 (toll rates and/or international dialing codes may be applicable) Monday through Friday 8:00 am to 5:30 pm Central Time, or Saturday and Sunday between 12:00 pm and 6:00 pm Central Time. Please know that we regret any inconvenience or concern this incident may cause.
IF YOU MADE AN APPOINTMENT WITH AN ONTARIO EYE CARE DOCTOR: You are entitled to make a complaint to the Information and Privacy Commissioner of Ontario. Information on submitting a complaint can be found at www.ipc.on.ca, or by contacting the Commissioner at:
Information and Privacy Commissioner of Ontario
2 Bloor Street East,
Toronto, ON M4W 1A8
IF YOU MADE AN APPOINTMENT WITH AN ALBERTA EYE CARE DOCTOR: You are entitled to request the Information and Privacy Commissioner of Alberta to investigate incidents involving the loss or unauthorized access or disclosure of your personal information. The Commissioner may be contacted at:
Office of the Information and Privacy Commissioner (Edmonton)
#410, 9925 - 109 Street NW
Edmonton, AB T5K 2J8
Office of the Information and Privacy Commissioner (Calgary)
Suite 2460, 801 6 Avenue SW
Calgary, AB T2P 3W2