Optical software solutions provider Ocuco Inc., based in Dublin, Ireland, has lately informed the HHS’ Office for Civil Rights of a data breach that impacted the protected health information (PHI) of 240,961 people.
Ocuco boasts of being the world’s biggest supplier of retail optical software programs. Its business operations in the U.S. are based in Florida. Ocuco provides software such as the Acuitas practice management and electronic health record system. Many eye care practices, clinics, and lens production laboratories use Ocuco’s software products.
Ocuco disclosed information about the breach on May 30, 2025, but provided few details. The OCR breach report indicates that the breach was due to a network server hacking incident. It seems, though, that a ransomware group called Killsec, also known as Kill Security, launched the ransomware attack.
Killsec states that, as a hacktivist group, it engages in a financially driven ransomware-as-a-service operation, attacking government institutions and private industry companies. On April 1, 2025, Killsec put Ocuco on its dark web data leak website and published the stolen data online, which means that Ocuco did not pay the ransom.
The submission of the data breach report to the HHS’ Office for Civil Rights means that protected health information (PHI) was exposed and potentially stolen during the cyberattack. The material published on the dark web data leak site includes images of the stolen information, such as business records, appointment data, and a few folders associated with U.S. and Canadian eyecare customers, such as Costco, Kaiser, HoustonEye, Specsavers, Mayo Clinic, Optos, and others. A few law agencies have launched investigations into possible class action lawsuits prompted by the data breach.
Updates on this news will be provided when they are available.