Cyber Incident Victim: HOYA Optical Labs of America

HOYA Optical Labs of America, a Japanese-headquartered optical products manufacturer with a U.S. presence, experienced a ransomware attack impacting 3,259 American patients. The incident occurred on or around March 1, 2021, with the organization discovering the compromise in April 2021. Attackers exfiltrated patient data during the intrusion and subsequently published the stolen information on platforms controlled by the ransomware group. HOYA Optical Labs confirmed the data exposure to affected individuals, explicitly stating that threat actors publicly released the compromised records. The company initiated breach notifications to all impacted U.S. patients following its internal investigation into the incident's scope.

The confirmed impact involved unauthorized access to protected health information (PHI) of thousands of patients, though the specific data elements compromised were not publicly disclosed. Publication of stolen records by the ransomware operators significantly increased risks of identity theft and medical fraud for affected individuals beyond typical ransomware incidents involving solely encryption-based disruption. HOYA Optical Labs did not disclose whether ransom demands were made or paid, nor did it specify operational disruptions caused by the attack. The breach notification occurred alongside multiple other healthcare sector incidents reported in mid-2021, including insider threats at Aultman Health Foundation and third-party vendor breaches involving CaptureRx and Elekta systems. Federal regulators did not issue public statements specifically addressing the HOYA incident based on available reporting.