2021 data breach exposed data of 70 Million Luxottica customers

Luxottica has finally confirmed the 2021 data breach that exposed the personal information of 70 million customers.

Luxottica Group S.p.A. is an Italian eyewear conglomerate and the world’s largest company in the eyewear industry. As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. Its best known brands are Ray-Ban, Persol, and Oakley. Luxottica also makes sunglasses and prescription frames for designer brands such as Chanel, Prada, Giorgio Armani, Burberry, Versace, Dolce and Gabbana, Miu Miu, and Tory Burch.

On May 12, the cybersecurity expert Andrea Draghetti noticed that a threat actor had released data belonging to Luxottica, speculating that it came from a new data breach.

The threat actor released a 140GB database containing more than 300 million records. The researchers reported that the archive contained 305.759.991 records (luxottica_nice.csv), with 74.417.098 unique email addresses and 2.590.076 unique email domains.

The most recent entry in the database is dated March 16th, 2021, which suggests it is a new data breach suffered by Luxottica.

BleepingComputer first reported the news, and Luxottica confirmed that the data breach is the result of a new security incident suffered by a third-party contractor that was managing its customer data.

Exposed data includes customer names, emails, phone numbers, addresses, and dates of birth.

The investigation into the security breach is still ongoing.

“We discovered through our proactive monitoring procedures that certain retail customer data, allegedly obtained through a third-party related to Luxottica retail customers, was published in an online post.
We immediately reported the incident to the FBI and the Italian Police. The owner of the website where the data was posted has been arrested by the FBI, the website was shut down and the investigation is ongoing. The Italian data protection authority has also been notified and we are considering other notification obligations.
From our investigation, which is still going on, we know so far that the data primarily consists of customer contact details including names, addresses, phone numbers, emails and dates of birth. The data does not include individuals’ financial information, social security numbers, login or password data or other information that would compromise the safety of our customers.
EssilorLuxottica remains confident that its systems were not breached and its network remains secure,” reads the statement shared by Luxottica.

This is only the latest in a series of security incidents suffered by the company.

On September 18, 2020, Luxottica was hit by a ransomware attack.

In October, the Italian website “Difesa e Sicurezza” reported that the Nefilim ransomware operators had posted a long list of files that appeared to belong to Luxottica. The huge trove of files appeared to be related to the personnel office and finance departments.

The analysis of the leaked files revealed that they contain confidential information regarding the recruitment process, professional resumes, and info about the internal structures of the Group’s human resource department.

The exposed financial data included budgets, marketing forecast analysis, and other sensitive data.

In November 2020, news of another data breach made the headlines: a security incident exposed the personal and protected health information of patients of LensCrafters, Target Optical, EyeMed, and other eye care practices.

The partners share a web-based appointment scheduling platform that is used by patients to schedule appointments online or over the phone.

Luxottica disclosed a security breach in the appointment scheduling application that took place on August 5, 2020.

According to a “Security Incident” notification issued by the company, it first became aware of the hack on August 9, 2020 and, after investigating the attack, determined on August 28 that the threat actors gained access to patients’ personal information.

“On August 9, 2020, Luxottica learned of the incident, contained it, and immediately began an investigation to determine the extent of the incident. On August 28, 2020, we preliminarily concluded that the attacker may have accessed and acquired patient information,” the Luxottica data breach notification states.

The notification confirms the exposure of information, including personal data (PII) and protected health information (PHI), such as medical conditions and history. For some patients, exposed information included credit card numbers and social security numbers.

In November 2022, a database containing 300 million records of personal information of Luxottica customers in the United States and Canada was offered for sale on the hacking forum BreachForums.

Exposed customer data included names, email addresses, physical addresses, and dates of birth.


Pierluigi Paganini
