Breach Database / Luxottica
Yes — Luxottica was breached.
- 77.1 million accounts affected
- Breach occurred 2021-03-16 · luxottica.com
- Verified entry in the Have I Been Pwned catalog
What happened
In March 2021, the world's largest eyewear company Luxoticca suffered a data breach via one of their partners that exposed the personal information of more than 70M people. The data was subsequently sold via a popular hacking forum in late 2022 and included email and physical addresses, names, genders, dates of birth and phone numbers. In a statement from Luxottica, they advised they were aware of the incident and are currently "considering other notification obligations".
What data was exposed
- Dates of birth
- Email addresses
- Genders
- Names
- Phone numbers
- Physical addresses
What to do right now
- Be alert for smishing and SIM-swap attempts. Treat unexpected texts and "carrier" calls with suspicion; add a PIN/port-freeze with your mobile carrier.
- Watch for targeted phishing mail. A leaked home address makes postal and doorstep scams more convincing.
- Expect convincing phishing emails. Attackers use breached details to write personalized emails. Be suspicious of any message referencing this service.
- Check your other accounts on Have I Been Pwned. Your email address may appear in other breaches you don't know about yet.
- Monitor the apps you use going forward. Clearly watches the breach record for the companies behind your apps and alerts you the moment one appears.
Breach data from Have I Been Pwned. Listing here means the service appears in the public breach record — not that your personal data was affected.