Medical Eye Services, Inc.

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Medical Eye Services, Inc. (MESVision) experienced a data breach due to a critical vulnerability in the MOVEit file-transfer program. The breach occurred between May 28, 2023, and May 31, 2023, and was discovered on August 23, 2023. An unauthorized party accessed and removed files containing sensitive consumer information, including names and Social Security numbers. MESVision filed a notice of the breach with the Attorney General of Maine on November 14, 2023, and began sending out notification letters to affected individuals. The breach affected the protected health information of 346,828 individuals. MESVision is a vision care provider based in Santa Ana, California, and offers vision care plans nationwide. The company has taken steps to rebuild its MOVEit server and implement additional technical safeguards[1][4][7].

Citations:

  1. https://www.jdsupra.com/legalnews/mesvision-experiences-data-breach-9366481/
  2. https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/MedicalEyeServicesInc.pdf
  3. https://www.humana.com
  4. https://www.hipaajournal.com/healthcare-data-breach-round-up-november-16-2023/
  5. https://www.dfs.ny.gov/reports_and_publications/press_releases/pr202210181
  6. https://www.northwell.edu
  7. https://www.defensorum.com/data-breaches-at-medical-eye-services-peakmed-prospect-medical-services-and-4-more-healthcare-providers/
  8. https://compliancy-group.com/eyemed-ny-ag-settlement/
  9. https://dchealthlink.com
  10. https://healthitsecurity.com/news/eyemed-vision-care-to-pay-4.5m-to-ny-over-healthcare-data-breach
  11. https://techcrunch.com
  12. https://dockets.justia.com/docket/massachusetts/madce/1:2023cv12892/264145
  13. https://www.ibm.com/reports/data-breach
  14. https://therecord.media/eyemed-data-breach-settlement-four-states
  15. https://www.fastcompany.com
  16. https://ag.ny.gov/press-release/2022/attorney-general-james-announces-600000-agreement-eyemed-after-2020-data-breach
  17. https://hhs.iowa.gov
  18. https://healthitsecurity.com/news/eyemed-vision-care-reaches-2.5m-settlement-over-multistate-data-breach
  19. https://www.harvardpilgrim.org
Breach Submission Date Nov 14, 2023
Converted Entity Name Medical Eye Services, Inc.
Converted Entity Type Business Associate
State NY
Individuals Affected 377,931
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes