Notice of Security Incident - EyeMed Vision Care, LLC
Fidelity Security Life Insurance Company® ("FSL") takes the privacy and confidentiality of the information provided to us and to our business partners very seriously.
FSL was notified of a cybersecurity incident by its appointed producer and Third-Party Service Provider, EyeMed Vision Care, LLC (“EyeMed”). On July 1, 2020, EyeMed discovered that an unauthorized individual gained access to an EyeMed email mailbox and sent phishing emails to email addresses contained in the mailbox’s address book. On the same day, EyeMed promptly blocked the unauthorized individual’s access to the mailbox and secured the mailbox. The mailbox contained information about current and former recipients of EyeMed vision insurance benefits.
EyeMed launched a comprehensive investigation into the incident and hired a cybersecurity firm to assist in its efforts. The investigation determined that personal information of participants potentially accessed included: full name, address, date of birth, phone number, email address, vision insurance account/identification number, health insurance account/identification number, Medicaid or Medicare number, driver’s license or other government identification number, and birth or marriage certificate. For some individuals, partial or full social security numbers and/or financial information were implicated and, in a few cases, medical diagnoses and conditions, and treatment information, and/or passport numbers were implicated.
While EyeMed does not know of any misuse of the information, it mailed letters to affected individuals and established a dedicated call center to answer any questions individuals may have. The letters included an offer for free credit monitoring and identity protection services for a duration of two years. Affected individuals should closely monitor financial statements, credit reports, and statements they receive from their health insurers. EyeMed also recommends that individuals review financial statements, credit reports, and statements they receive from their health insurer. If they see services they did not receive or accounts, charges, or withdrawals that they did not authorize, they should contact their health insurer immediately.
FSL and EyeMed regret any inconvenience this incident may cause individuals. To help prevent something like this from happening again, EyeMed has taken prompt action to enhance the protections that were already in place before the incident. Among other actions, EyeMed has implemented additional security measures for authorized access to its network and is providing additional security awareness training.
If you believe you have been affected and have not received a letter, please call EyeMed at 888-974-0076, Monday through Friday from 8:00 a.m. to 5:30 p.m. Central Time to learn if your information was involved in the breach.