Data breach confirmed by Luxottica after leak of over 70M customers’ records

Eyecare giant Luxottica, which owns Ray-Ban and Oakley, as well as operates U.S. vision insurance firm EyeMed Vision Care, has disclosed being impacted by a third-party data breach in 2021 impacting 70 million customers following the leak of a stolen database on various hacking forums from April 30 to May 12, BleepingComputer reports. Investigation into the incident is still ongoing but Luxottica has confirmed that customers' full names, birthdates, email addresses, home addresses, and phone numbers have been compromised. The stolen database was confirmed by D3Lab lead researcher Andrea Draghetti to have 305 million records, including 74.4 million unique email addresses and 2.6 million unique domain email addresses, with data found to be exfiltrated on March 16, 2021. Meanwhile, Have I Been Pwned's Troy Hunt said that more than 77 million unique accounts were included in the leaked data, 74% of which are already in HIBP. More than 320,000 breach notices regarding the incident will be sent to HIBP subscribers, said Hunt.