As June drew to a close, DataBreaches’ little notepad tabulations indicate that we already have reports from 32 entities impacted by the Eye Care Leaders breach last December. Readers may recall that ECL’s myCare Integrity platform was reportedly accessed by an unauthorized individual who deleted some of the databases before being detected.
As far as DataBreaches can tell, Eye Care Leaders has never clarified whether that unauthorized individual was an external threat actor who was trying to extort them by deleting their data after exfiltrating a copy or if it might be a disgruntled former employee who deleted data in revenge. Eye Care Leaders did not respond to inquiries from DataBreaches on that point.
In any event, by now we have reports from at least 32 clients or former clients of Eye Care Leaders. Taken together, and if my fingers and toes haven’t failed me from overuse, they report that 2,785,944 patients have been affected by this breach, making it the largest one reported to HHS so far in 2022.
Further analysis of the 32 reports finds that the mean number of patients impacted per client was 87,060.75 while the median number was 31,003.5.
These numbers will be updated if more reports are located or submitted.