Eyemart Express Ransomware Attack Exposes Sensitive Customer Data

Severity: High (Score: 64.5)

Sources: Classaction, blog.rankiteo.com

Summary

Eyemart Express has reported a significant ransomware attack that compromised sensitive data of customers and employees. The breach, attributed to the ransomware group Payouts King, involved the exfiltration of approximately 435 GB of data, including names, addresses, Social Security numbers, driver's license numbers, medical information, health insurance details, and birth dates. The company disclosed the breach to the Texas Attorney General on April 17, 2026, after the attack was claimed on March 10, 2026. Legal investigations are underway, with law firms exploring potential compensation claims for affected individuals. Eyemart Express operates over 250 stores across 42 states, and the full impact of the breach is still being assessed. As of the latest reports, affected individuals have not yet been notified. The incident raises concerns about the adequacy of data protection measures in place at Eyemart Express. Key Points: • Eyemart Express suffered a ransomware attack exposing sensitive customer data. • The attackers, Payouts King, exfiltrated 435 GB of data including personal and medical information. • Legal investigations are ongoing, with potential class action lawsuits being considered.

Key Entities

• Data Breach (attack_type)
• Ransomware (attack_type)
• Eyemart Express (company)
• CWE-200 - Exposure of Sensitive Information (cwe)
• classaction.org (domain)
• T1041 - Exfiltration Over C2 Channel (mitre_attack)
• T1567 - Exfiltration Over Web Service (mitre_attack)
• Payouts King (ransomware_group)