EssilorLuxottica
Company Details
Linkedin ID:
essilorluxottica
Website:
Employees number:
79,782
Number of followers:
1,328,942
NAICS:
30
Industry Type:
Homepage:
essilorluxottica.com
IP Addresses:
257
Company ID:
ESS_1745346
Scan Status:
Completed
EssilorLuxottica Company CyberSecurity Posture
essilorluxottica.com
We are EssilorLuxottica, a global leader in the design, manufacture and distribution of ophthalmic lenses, frames and sunglasses. Formed in 2018 by the combination of Essilor and Luxottica, our Company combines two centuries of innovation and human endeavour to elevate vision care and the consumer experience around it. We are home to the most loved and widely-recognized vision care and eyewear brands in the world. Our proprietary eyewear brands include Ray-Ban, Oakley, Costa, Vogue Eyewear, Persol and Oliver Peoples, complemented by over 20 prestigious licensed brands. Our advanced lens technologies include Varilux, Crizal, Eyezen, Stellest and Transitions. We offer superior shopping and patient experiences with a network of 18,000 stores including world-class retail brands like Sunglass Hut, LensCrafters, Salmoiraghi & Viganò and GrandVision. Every day, EssilorLuxottica’s more than 190,000 employees in 150 countries work towards a common mission to help people see more and be more. In 2021, the Company’s milestones included a collaboration with Meta to launch Ray-Ban Stories smart glasses; the acquisition of GrandVision bringing 39,000 new employees into our family; expansion of our International Employee Shareholding community, and the launch of Eyes on the Planet, our strategic approach to sustainability.
EssilorLuxottica A.I CyberSecurity Scoring
EssilorLuxottica Risk Score (AI oriented)Between 800 and 849
EssilorLuxottica
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
EssilorLuxottica Global Score (TPRM)XXXX
EssilorLuxottica
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
EssilorLuxottica Company CyberSecurity News & History
Past Incidents
6
Attack Types
3
Luxottica of America Inc.
Cyber Attack
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: On August 9, 2020, Luxottica of America Inc. experienced a data breach due to an **automated cyberattack**, reported by the Washington State Office of the Attorney General on October 27, 2020. The incident compromised the **personal information of approximately 12,166 individuals**, including highly sensitive data such as **names, Social Security numbers, and health-related records**. The breach stemmed from an external cyber intrusion, exposing individuals to potential risks like **identity theft, financial fraud, and unauthorized access to medical details**. While the exact method of the attack (e.g., phishing, exploit of a vulnerability) was not specified, the scale and nature of the exposed data—particularly **SSNs and health information**—indicate a severe privacy violation with long-term repercussions for affected parties. The company was legally obligated to notify impacted individuals and regulatory bodies, though the broader operational or reputational consequences for Luxottica were not detailed in the report. The incident underscores the vulnerabilities in handling **sensitive customer data**, especially when automated cyberattacks exploit systemic weaknesses. No ransomware demands were mentioned, but the **leak of personal and health data** aligns with high-severity impacts under data protection frameworks.
Eye Buy Direct, Inc.
Cyber Attack
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The Washington State Attorney General's Office reported that Eye Buy Direct, Inc. experienced a data breach potentially affecting the personal information of 17,031 Washington residents. The incident might have started as early as September 1, 2018, and was addressed by September 28, 2019. The breach type was a cyberattack, but specific details regarding the method of breach remain unclear.
EyeMed Vision Care
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: In 2020, EyeMed Vision Care suffered a **phishing email breach** where hackers accessed a shared inbox used by nine employees for enrollment processing. The compromised email, protected only by a weak password, contained **six years of sensitive customer data**, including personal and potentially financial information. The breach impacted **up to 2.1 million individuals** nationwide, though the class action settlement covered ~692,154 members. Regulatory fines and settlements have cost EyeMed **over $12.6 million**, including a $5M class action payout, $4.5M to New York’s DFS, $600K to the NY AG, and $2.5M to four other states. The company also faced mandatory security upgrades, including **MFA enhancements, password audits, HIPAA risk assessments, and reduced email retention periods**. The breach exposed customers to potential fraud, identity theft, and financial losses, with class members eligible for compensation up to $10,000 for documented damages. EyeMed denied wrongdoing but agreed to settlements to resolve negligence and compliance violation claims.
FGX International Inc
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The Indiana Office of the Attorney General reported that FGX International Inc experienced a data breach on May 7, 2020, affecting a total of 142 individuals, including 2 residents in Indiana. The breach notification was reported on September 22, 2020.
Luxottica
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: A data breach at Luxottica resulted in the exposure of 70 million consumers' personal data. Andrea Draghetti, a cybersecurity specialist, observed that a threat actor exposed Luxottica data, raising the possibility of a fresh data breach. Over 300 million records were included in a 140GB database that the threat actor leaked. According to the researchers, the archive (luxottica_nice.csv) contained 305.759.991 records, 74.417.098 unique email addresses, and 2.590.076 unique domain emails. Customer names, emails, phone numbers, residences, and birthdates are among the information that has been exposed.
Luxottica
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: The world's biggest eyewear company Luxottica was targeted by Windows Nefilim ransomware. The data about its financial and human resources operations was stolen and leaked on the dark web.
EssilorLuxottica Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for EssilorLuxottica
Incidents vs Manufacturing Industry Average (This Year)
No incidents recorded for EssilorLuxottica in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for EssilorLuxottica in 2025.
Incident Types EssilorLuxottica vs Manufacturing Industry Avg (This Year)
No incidents recorded for EssilorLuxottica in 2025.
Incident History — EssilorLuxottica (X = Date, Y = Severity)
EssilorLuxottica cyber incidents detection timeline including parent company and subsidiaries
EssilorLuxottica Company Subsidiaries
We are EssilorLuxottica, a global leader in the design, manufacture and distribution of ophthalmic lenses, frames and sunglasses. Formed in 2018 by the combination of Essilor and Luxottica, our Company combines two centuries of innovation and human endeavour to elevate vision care and the consumer experience around it. We are home to the most loved and widely-recognized vision care and eyewear brands in the world. Our proprietary eyewear brands include Ray-Ban, Oakley, Costa, Vogue Eyewear, Persol and Oliver Peoples, complemented by over 20 prestigious licensed brands. Our advanced lens technologies include Varilux, Crizal, Eyezen, Stellest and Transitions. We offer superior shopping and patient experiences with a network of 18,000 stores including world-class retail brands like Sunglass Hut, LensCrafters, Salmoiraghi & Viganò and GrandVision. Every day, EssilorLuxottica’s more than 190,000 employees in 150 countries work towards a common mission to help people see more and be more. In 2021, the Company’s milestones included a collaboration with Meta to launch Ray-Ban Stories smart glasses; the acquisition of GrandVision bringing 39,000 new employees into our family; expansion of our International Employee Shareholding community, and the launch of Eyes on the Planet, our strategic approach to sustainability.
Loading...
EssilorLuxottica Similar Companies
SNEF
Group Snef is a French leader in the field of electrical installation and, more broadly, the management of finishing turnkey projects and operations. Group Snef operates in the fields of high- and low-voltage installations, industrial processes, HVAC and maintenance. Its services cover technic
Prysmian is a global cabling solutions provider leading the energy transition and digital transformation. By leveraging its wide geographical footprint and extensive product range, its track record of technological leadership and innovation, and a strong customer base, the company is well-placed to
Celestica enables the world's best brands. Through our unrivaled customer-centric approach, we partner with leading companies in aerospace and defense, communications, enterprise, healthtech, industrial, capital equipment, and smart energy to deliver solutions for their most complex challenges. A le
The Hershey Company
The Hershey Company is headquartered in Hershey, Pa., and is an industry-leading snacks company with a purpose to make more moments of goodness through its iconic brands. Hershey has approximately 20,000 employees around the world who work every day to deliver delicious, quality products. The comp
Colgate-Palmolive
Make More Smiles. We are Colgate-Palmolive, a caring, innovative growth company that is reimagining a healthier future for all people, their pets and our planet. For over 200 years, we've poured our care into creating a future where everyone has more reasons to smile. CP People develop, produce, dis
Philip Morris International (PMI) is a leading international consumer goods company working to deliver a smoke-free future and evolving its portfolio for the long term to include products outside of the tobacco and nicotine sector. Since 2008, PMI has invested more than USD 14 billion to develop, sc
Asian Paints
They say home is where the heart is. Which is why, since 1942, we’ve been helping customers transform empty properties to homes by dressing them up in warm hues, pastel shades and cool colours, to create spaces that truly represent you. Asian Paints has a lot of identities. We have been India’s larg
Jarden Corporation
Jarden Corporation is now part of Newell Brands, a global consumer goods company with a strong portfolio of well-known brands, including Paper Mate®, Sharpie®, Dymo®, EXPO®, Parker®, Elmer’s®, Coleman®, Jostens®, Marmot®, Rawlings®, Irwin®, Lenox®, Oster®, Sunbeam®, FoodSaver®, Mr. Coffee®, Rubbe
Steel Authority of India Limited (SAIL) traces its origin to the formative years of an emerging nation - India. After independence, the steel sector was to propel the economic growth and rapid industrialization of the country, and since 1973, SAIL steel has played a pivotal role in transforming the
.png)
EssilorLuxottica CyberSecurity News
November 19, 2025 03:43 PM
EssilorLuxottica introduces self-study area to Leonardo
The CPD-accredited area of the learning platform features content exploring the role of LOCs, myopia management, confidentiality,...
July 10, 2025 07:00 AM
Meta Puts $3.5 Billion Into Partner EssilorLuxottica, XPANCEO, Arago, Kartel Raise New Rounds
Trump hints his allies may buy TikTok. Meta invests $3.5B in Ray-Ban maker. XPANCEO, Arago, and Kartel raise funds. Smart glasses, AI chips,...
July 04, 2025 07:00 AM
Customer data leaked after Louis Vuitton Korea suffers cyberattack
News distribution : Louis Vuitton Korea confirmed a June 8 cyberattack that compromised customer contact data. It's the second breach to hit...
June 11, 2025 07:00 AM
Visit to VivaTechnology.
President Emmanuel Macron attended the opening of the 9th edition of the VivaTechnology, a premier tech and innovation summit in Paris, France.
January 24, 2024 08:00 AM
EssilorLuxottica IT EyeCare Obtains Prestigious ISO27001 and ISO27701 Certifications for High Standards in Telemedicine Data Processing
EssilorLuxottica IT EyeCare demonstrates compliance with requirements for ISO27001 standards and controls of the ISO27701 guideline global...
July 26, 2023 07:00 AM
EssilorLuxottica acquires Nuance Hearing for tens of millions of dollars to integrate
EssilorLuxottica, the world's largest eyewear group, has acquired Israeli startup Nuance Hearing. The deal, which was completed in late 2022.
May 26, 2023 09:16 AM
Careers
We are EssilorLuxottica, a global leader in world-class vision care products, including iconic eyewear, advanced lens technology and cutting-edge digital...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
EssilorLuxottica CyberSecurity History Information
Official Website of EssilorLuxottica
The official website of EssilorLuxottica is https://www.essilorluxottica.com.
EssilorLuxottica’s AI-Generated Cybersecurity Score
According to Rankiteo, EssilorLuxottica’s AI-generated cybersecurity score is 836, reflecting their Good security posture.
How many security badges does EssilorLuxottica’ have ?
According to Rankiteo, EssilorLuxottica currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does EssilorLuxottica have SOC 2 Type 1 certification ?
According to Rankiteo, EssilorLuxottica is not certified under SOC 2 Type 1.
Does EssilorLuxottica have SOC 2 Type 2 certification ?
According to Rankiteo, EssilorLuxottica does not hold a SOC 2 Type 2 certification.
Does EssilorLuxottica comply with GDPR ?
According to Rankiteo, EssilorLuxottica is not listed as GDPR compliant.
Does EssilorLuxottica have PCI DSS certification ?
According to Rankiteo, EssilorLuxottica does not currently maintain PCI DSS compliance.
Does EssilorLuxottica comply with HIPAA ?
According to Rankiteo, EssilorLuxottica is not compliant with HIPAA regulations.
Does EssilorLuxottica have ISO 27001 certification ?
According to Rankiteo,EssilorLuxottica is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of EssilorLuxottica
EssilorLuxottica operates primarily in the Manufacturing industry.
Number of Employees at EssilorLuxottica
EssilorLuxottica employs approximately 79,782 people worldwide.
Subsidiaries Owned by EssilorLuxottica
EssilorLuxottica presently has no subsidiaries across any sectors.
EssilorLuxottica’s LinkedIn Followers
EssilorLuxottica’s official LinkedIn profile has approximately 1,328,942 followers.
NAICS Classification of EssilorLuxottica
EssilorLuxottica is classified under the NAICS code 30, which corresponds to Manufacturing.
EssilorLuxottica’s Presence on Crunchbase
Yes, EssilorLuxottica has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/essilorluxottica.
EssilorLuxottica’s Presence on LinkedIn
Yes, EssilorLuxottica maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/essilorluxottica.
Cybersecurity Incidents Involving EssilorLuxottica
As of December 11, 2025, Rankiteo reports that EssilorLuxottica has experienced 6 cybersecurity incidents.
Number of Peer and Competitor Companies
EssilorLuxottica has an estimated 7,821 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at EssilorLuxottica ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack, Breach and Ransomware.
What was the total financial impact of these incidents on EssilorLuxottica ?
Total Financial Loss: The total financial loss from these incidents is estimated to be $12.60 million.
How does EssilorLuxottica detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with public disclosure via washington state attorney general, and incident response plan activated with yes (post-breach), and third party assistance with yes (third-party hipaa security risk assessment), and containment measures with shortened email retention period, containment measures with enhanced mfa, containment measures with password policy updates, and remediation measures with security awareness training, remediation measures with audit mechanisms for weak passwords, remediation measures with third-party risk assessment, and communication strategy with class-action settlement notifications, communication strategy with regulatory disclosures (hhs, state ags)..
Incident Details
Can you provide details on each incident ?
Title: Luxottica Ransomware Attack
Description: The world's biggest eyewear company Luxottica was targeted by Windows Nefilim ransomware. The data about its financial and human resources operations was stolen and leaked on the dark web.
Type: Ransomware
Attack Vector: Unknown
Motivation: Financial
Title: Luxottica Data Breach
Description: A data breach at Luxottica resulted in the exposure of 70 million consumers' personal data.
Type: Data Breach
Title: FGX International Inc Data Breach
Description: The Indiana Office of the Attorney General reported that FGX International Inc experienced a data breach on May 7, 2020, affecting a total of 142 individuals, including 2 residents in Indiana. The breach notification was reported on September 22, 2020.
Date Detected: 2020-05-07
Date Publicly Disclosed: 2020-09-22
Type: Data Breach
Title: Eye Buy Direct Data Breach
Description: Eye Buy Direct, Inc. experienced a data breach potentially affecting the personal information of 17,031 Washington residents due to a security incident that might have started as early as September 1, 2018, and was addressed by September 28, 2019.
Date Resolved: September 28, 2019
Type: Data Breach
Title: Luxottica of America Inc. Data Breach (2020)
Description: The Washington State Office of the Attorney General reported a data breach involving Luxottica of America Inc. on October 27, 2020. The breach occurred on August 9, 2020, due to an automated cyberattack affecting approximately 12,166 individuals, and potentially compromising personal information including names, Social Security numbers, and health-related data.
Date Detected: 2020-08-09
Date Publicly Disclosed: 2020-10-27
Type: Data Breach
Title: EyeMed Email Breach Settlement
Description: Vision care benefits firm EyeMed agreed to pay $5 million to settle class action litigation involving a 2020 phishing email data breach. The incident, which exposed sensitive customer data from a shared email inbox, has already cost the company over $12.6 million in regulatory fines and settlements across multiple states. The breach affected up to 2.1 million consumers nationwide, with 692,154 class members identified in the settlement. Security improvements mandated include enhanced MFA, password policies, HIPAA risk assessments, and third-party audits.
Date Detected: 2020-09
Date Publicly Disclosed: 2020-09
Type: Data Breach
Attack Vector: Phishing (compromised shared email inbox with weak password)
Vulnerability Exploited: Weak PasswordLack of MFAProlonged Email Retention (6+ years)Shared Inbox Access
Motivation: Financial Gain (data exfiltration for fraud/identity theft)
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Phishing email (compromised shared inbox).
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware LUX202211222
Data Compromised: Financial data, Human resources data
Incident : Data Breach LUX52424923
Data Compromised: Customer names, Emails, Phone numbers, Residences, Birthdates
Incident : Data Breach EYE249072825
Data Compromised: Personal Information
Incident : Data Breach ESS023091825
Data Compromised: Names, Social security numbers, Health-related data
Identity Theft Risk: High (PII exposed)
Incident : Data Breach EYE4802448100725
Financial Loss: $12.6M+ (regulatory fines, settlements, and litigation costs)
Data Compromised: Personal data, Sensitive customer information
Systems Affected: Shared Employee Email Inbox (enrollment processing)
Brand Reputation Impact: High (multiple regulatory actions and class-action lawsuit)
Legal Liabilities: $12.6M+ (fines: $4.5M NY DFS, $600K NY AG, $2.5M 4-state AG, $5M class-action)
Identity Theft Risk: High (personal data exposed)
What is the average financial loss per incident ?
Average Financial Loss: The average financial loss per incident is $2.10 million.
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Financial Data, Human Resources Data, , Customer Names, Emails, Phone Numbers, Residences, Birthdates, , Personal Information, Personal Identifiable Information (Pii), Protected Health Information (Phi), , Personal Data, Enrollment Information, Sensitive Customer Records and .
Which entities were affected by each incident ?
Incident : Data Breach LUX52424923
Entity Name: Luxottica
Entity Type: Company
Industry: Retail
Customers Affected: 70000000
Incident : Data Breach FGX254071625
Entity Name: FGX International Inc
Entity Type: Company
Customers Affected: 142
Incident : Data Breach EYE249072825
Entity Name: Eye Buy Direct, Inc.
Entity Type: Company
Industry: Retail
Customers Affected: 17,031 Washington residents
Incident : Data Breach ESS023091825
Entity Name: Luxottica of America Inc.
Entity Type: Corporation
Industry: Retail (Eyewear)
Location: United States
Customers Affected: 12166
Incident : Data Breach EYE4802448100725
Entity Name: EyeMed Vision Care
Entity Type: Healthcare (Vision Care Benefits Provider)
Industry: Healthcare
Location: Ohio, USA
Customers Affected: 2.1 million (nationwide); 692,154 (class members); 1.47 million (HHS report); 98,632 (New York residents)
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach ESS023091825
Communication Strategy: Public disclosure via Washington State Attorney General
Incident : Data Breach EYE4802448100725
Incident Response Plan Activated: Yes (post-breach)
Third Party Assistance: Yes (third-party HIPAA security risk assessment)
Containment Measures: Shortened email retention periodEnhanced MFAPassword policy updates
Remediation Measures: Security awareness trainingAudit mechanisms for weak passwordsThird-party risk assessment
Communication Strategy: Class-action settlement notificationsRegulatory disclosures (HHS, state AGs)
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as Yes (post-breach).
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Yes (third-party HIPAA security risk assessment).
Data Breach Information
What type of data was compromised in each breach ?
Incident : Ransomware LUX202211222
Type of Data Compromised: Financial data, Human resources data
Incident : Data Breach LUX52424923
Type of Data Compromised: Customer names, Emails, Phone numbers, Residences, Birthdates
Number of Records Exposed: 305759991
File Types Exposed: CSV
Incident : Data Breach FGX254071625
Number of Records Exposed: 142
Incident : Data Breach EYE249072825
Type of Data Compromised: Personal Information
Number of Records Exposed: 17,031
Incident : Data Breach ESS023091825
Type of Data Compromised: Personal identifiable information (pii), Protected health information (phi)
Number of Records Exposed: 12166
Sensitivity of Data: High
Personally Identifiable Information: namesSocial Security numbers
Incident : Data Breach EYE4802448100725
Type of Data Compromised: Personal data, Enrollment information, Sensitive customer records
Number of Records Exposed: 2.1 million (max estimate)
Sensitivity of Data: High (6+ years of customer data)
Data Exfiltration: Yes
Data Encryption: No (data stored in unencrypted email inbox)
File Types Exposed: EmailsAttachments (enrollment documents)
Personally Identifiable Information: Yes
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Security awareness training, Audit mechanisms for weak passwords, Third-party risk assessment, .
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by shortened email retention period, enhanced mfa, password policy updates and .
Ransomware Information
Was ransomware involved in any of the incidents ?
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Breach ESS023091825
Regulatory Notifications: Washington State Office of the Attorney General
Incident : Data Breach EYE4802448100725
Regulations Violated: HIPAA, California State Laws (e.g., CCPA), New York Financial Services Law (23 NYCRR 500),
Fines Imposed: $12.6M+ ($4.5M NY DFS, $600K NY AG, $2.5M 4-state AG, $5M class-action)
Legal Actions: Class-action lawsuit (settled 2026-01-07), NY DFS Consent Order (2022-10), NY AG Settlement (2022-01), 4-State AG Settlement (2023-05),
Regulatory Notifications: HHS (2020-09)State AGs (NY, NJ, FL, PA, OR)
How does the company ensure compliance with regulatory requirements ?
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Class-action lawsuit (settled 2026-01-07), NY DFS Consent Order (2022-10), NY AG Settlement (2022-01), 4-State AG Settlement (2023-05), .
Lessons Learned and Recommendations
What lessons were learned from each incident ?
Incident : Data Breach EYE4802448100725
Lessons Learned: Shared inboxes with weak passwords are high-risk targets for phishing., Prolonged data retention increases exposure in breaches., MFA and password policies must be enforced rigorously in healthcare., Regulatory non-compliance (e.g., HIPAA) amplifies financial and reputational damage.
What recommendations were made to prevent future incidents ?
Incident : Data Breach EYE4802448100725
Recommendations: Implement strict MFA for all email accounts, especially shared inboxes., Enforce password complexity and rotation policies with audits., Limit data retention periods to minimize breach impact., Conduct regular HIPAA security risk assessments with third-party auditors., Segment networks to isolate sensitive data (e.g., enrollment systems)., Train employees on phishing awareness and incident reporting.Implement strict MFA for all email accounts, especially shared inboxes., Enforce password complexity and rotation policies with audits., Limit data retention periods to minimize breach impact., Conduct regular HIPAA security risk assessments with third-party auditors., Segment networks to isolate sensitive data (e.g., enrollment systems)., Train employees on phishing awareness and incident reporting.Implement strict MFA for all email accounts, especially shared inboxes., Enforce password complexity and rotation policies with audits., Limit data retention periods to minimize breach impact., Conduct regular HIPAA security risk assessments with third-party auditors., Segment networks to isolate sensitive data (e.g., enrollment systems)., Train employees on phishing awareness and incident reporting.Implement strict MFA for all email accounts, especially shared inboxes., Enforce password complexity and rotation policies with audits., Limit data retention periods to minimize breach impact., Conduct regular HIPAA security risk assessments with third-party auditors., Segment networks to isolate sensitive data (e.g., enrollment systems)., Train employees on phishing awareness and incident reporting.Implement strict MFA for all email accounts, especially shared inboxes., Enforce password complexity and rotation policies with audits., Limit data retention periods to minimize breach impact., Conduct regular HIPAA security risk assessments with third-party auditors., Segment networks to isolate sensitive data (e.g., enrollment systems)., Train employees on phishing awareness and incident reporting.Implement strict MFA for all email accounts, especially shared inboxes., Enforce password complexity and rotation policies with audits., Limit data retention periods to minimize breach impact., Conduct regular HIPAA security risk assessments with third-party auditors., Segment networks to isolate sensitive data (e.g., enrollment systems)., Train employees on phishing awareness and incident reporting.
What are the key lessons learned from past incidents ?
Key Lessons Learned: The key lessons learned from past incidents are Shared inboxes with weak passwords are high-risk targets for phishing.,Prolonged data retention increases exposure in breaches.,MFA and password policies must be enforced rigorously in healthcare.,Regulatory non-compliance (e.g., HIPAA) amplifies financial and reputational damage.
References
Where can I find more information about each incident ?
Incident : Data Breach FGX254071625
Source: Indiana Office of the Attorney General
Incident : Data Breach EYE249072825
Source: Washington State Attorney General's Office
Incident : Data Breach ESS023091825
Source: Washington State Office of the Attorney General
Date Accessed: 2020-10-27
Incident : Data Breach EYE4802448100725
Source: Information Security Media Group (ISMG)
Incident : Data Breach EYE4802448100725
Source: NY DFS Consent Order (2022-10)
Incident : Data Breach EYE4802448100725
Source: NY AG Settlement (2022-01)
Incident : Data Breach EYE4802448100725
Source: 4-State AG Settlement (NJ, FL, PA, OR; 2023-05)
Incident : Data Breach EYE4802448100725
Source: HHS Breach Report (2020-09)
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Indiana Office of the Attorney General, and Source: Washington State Attorney General's Office, and Source: Washington State Office of the Attorney GeneralDate Accessed: 2020-10-27, and Source: Information Security Media Group (ISMG), and Source: NY DFS Consent Order (2022-10), and Source: NY AG Settlement (2022-01), and Source: 4-State AG Settlement (NJ, FL, PA, OR; 2023-05), and Source: HHS Breach Report (2020-09).
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach EYE4802448100725
Investigation Status: Closed (settlements finalized; final court hearing on 2026-01-07)
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Public disclosure via Washington State Attorney General, Class-Action Settlement Notifications, Regulatory Disclosures (Hhs and State Ags).
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach EYE4802448100725
Stakeholder Advisories: Class-Action Settlement Notices, Regulatory Filings (Hhs, State Ags).
Customer Advisories: Breach notifications (2020)Settlement claims process (up to $10,100 per affected individual)
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Class-Action Settlement Notices, Regulatory Filings (Hhs, State Ags), Breach Notifications (2020), Settlement Claims Process (Up To $10,100 Per Affected Individual) and .
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach EYE4802448100725
Entry Point: Phishing email (compromised shared inbox)
High Value Targets: Customer Enrollment Data, Pii,
Data Sold on Dark Web: Customer Enrollment Data, Pii,
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach ESS023091825
Root Causes: Automated cyberattack (unspecified)
Incident : Data Breach EYE4802448100725
Root Causes: Weak Password On Shared Email Inbox, Lack Of Mfa, Excessive Data Retention (6+ Years), Inadequate Hipaa Compliance (Risk Assessments),
Corrective Actions: Enhanced Mfa And Password Policies, Third-Party Hipaa Security Risk Assessment, Reduced Email Retention Periods, Mandatory Security Awareness Training, Audit Mechanisms For Weak Passwords,
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Enhanced Mfa And Password Policies, Third-Party Hipaa Security Risk Assessment, Reduced Email Retention Periods, Mandatory Security Awareness Training, Audit Mechanisms For Weak Passwords, .
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2020-05-07.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2020-09.
What was the most recent incident resolved ?
Most Recent Incident Resolved: The most recent incident resolved was on September 28, 2019.
Impact of the Incidents
What was the highest financial loss from an incident ?
Highest Financial Loss: The highest financial loss from an incident was $12.6M+ (regulatory fines, settlements, and litigation costs).
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Financial data, Human resources data, , Customer names, Emails, Phone numbers, Residences, Birthdates, , Personal Information, names, Social Security numbers, health-related data, , Personal Data, Sensitive Customer Information and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Shared Employee Email Inbox (enrollment processing).
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Shortened email retention periodEnhanced MFAPassword policy updates.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Social Security numbers, Birthdates, Residences, Personal Data, names, Financial data, Human resources data, Personal Information, Sensitive Customer Information, Phone numbers, Customer names, Emails and health-related data.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 2.1M.
Regulatory Compliance
What was the highest fine imposed for a regulatory violation ?
Highest Fine Imposed: The highest fine imposed for a regulatory violation was $12.6M+ ($4.5M NY DFS, $600K NY AG, $2.5M 4-state AG, $5M class-action).
What was the most significant legal action taken for a regulatory violation ?
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Class-action lawsuit (settled 2026-01-07), NY DFS Consent Order (2022-10), NY AG Settlement (2022-01), 4-State AG Settlement (2023-05), .
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents ?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Regulatory non-compliance (e.g., HIPAA) amplifies financial and reputational damage.
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Enforce password complexity and rotation policies with audits., Implement strict MFA for all email accounts, especially shared inboxes., Segment networks to isolate sensitive data (e.g., enrollment systems)., Conduct regular HIPAA security risk assessments with third-party auditors., Train employees on phishing awareness and incident reporting. and Limit data retention periods to minimize breach impact..
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are NY DFS Consent Order (2022-10), Washington State Attorney General's Office, Washington State Office of the Attorney General, Information Security Media Group (ISMG), HHS Breach Report (2020-09), 4-State AG Settlement (NJ, FL, PA, OR; 2023-05), NY AG Settlement (2022-01) and Indiana Office of the Attorney General.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Closed (settlements finalized; final court hearing on 2026-01-07).
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was Class-action settlement notices, Regulatory filings (HHS, state AGs), .
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued were an Breach notifications (2020)Settlement claims process (up to $10 and100 per affected individual).
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Phishing email (compromised shared inbox).
Post-Incident Analysis
What was the most significant root cause identified in post-incident analysis ?
Most Significant Root Cause: The most significant root cause identified in post-incident analysis was Automated cyberattack (unspecified), Weak password on shared email inboxLack of MFAExcessive data retention (6+ years)Inadequate HIPAA compliance (risk assessments).
What was the most significant corrective action taken based on post-incident analysis ?
Most Significant Corrective Action: The most significant corrective action taken based on post-incident analysis was Enhanced MFA and password policiesThird-party HIPAA security risk assessmentReduced email retention periodsMandatory security awareness trainingAudit mechanisms for weak passwords.
.png)
Latest Global CVEs (Not Company-Specific)
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. (This is the app_password parameter). Depending on local configuration, this password could be the extension, voicemail, user manager, DPMA or EPM phone admin password. This issue is fixed in versions 16.0.96 and 17.0.10.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 9.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying, however, validation based on the first keyword (e.g., SELECT) and a forbidden-keyword list does not block file-writing constructs such as INTO OUTFILE / INTO DUMPFILE. As a result, an attacker who can influence the tool input (e.g., via prompt injection through a public agent endpoint) may write arbitrary files to the DB server if the MySQL/MariaDB account has the FILE privilege and server configuration permits writes to a useful location (e.g., a web-accessible directory). This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Description
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.
Risk Information
cvss3
Base: 8.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
Description
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.
Risk Information
cvss3
Base: 5.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=essilorluxottica' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
