Menu
Browse

HOYA Optical Labs of America

Aliases: 2 aliases
Primary URL Location Industry
hoyalabs[.]com
Country United States of America
Healthcare Icon
Healthcare
Profile

HOYA Optical Labs of America operates under the aliases HOYA Optical Labs of America and HOYA Optical Labs. The organization’s headquarters is situated in the United States of America. As an optical laboratory, its primary function involves the manufacture of prescription lenses and related eyewear components. These products are distributed to vision care providers and patients across the United States. In the course of fulfilling orders, the entity collects and stores protected health information, which brings it under the scope of healthcare privacy regulations such as HIPAA. The organization therefore functions at the intersection of optical product manufacturing and the handling of sensitive personal data. Its role requires adherence to standards governing the confidentiality, integrity, and availability of patient information. The services it provides support the broader vision care industry by supplying customized optical solutions.

In March 2021, HOYA Optical Labs of America experienced a ransomware attack that resulted in the compromise of patient information. The security incident was not identified until the following month, at which point the organization initiated its breach response procedures. Notifications were sent to approximately 3,260 individuals located in the United States, informing them of unauthorized access to their protected health data. Subsequent investigation confirmed that the attackers had exfiltrated the information and later published it publicly. The organization acknowledged the data theft and confirmed that the compromised records had been disseminated by the threat actors. This episode illustrates the vulnerability of health‑related data to ransomware campaigns that seek both financial gain and notoriety. It also highlights the necessity for optical laboratories that manage personal health information to implement robust cybersecurity safeguards. The incident serves as a case study of how a breach in a specialized medical‑technology setting can affect a sizable patient cohort.

Incidents
Linked incidents available to members
1 incident