April 27, 2026 – Laurel Eye Clinic is (“LEC”) is writing to provide an update on its recent data security incident. This updated notice is intended to provide details about the incident, additional steps LEC is taking in response, and resources available to help protect against the potential misuse of personal information.
.
What Happened?
On January 26, 2025, LEC experienced a network disruption that impacted the functionality and access of its systems (the “Incident”). Upon discovery of this Incident, LEC immediately disconnected all access to the network and promptly engaged a specialized third-party cybersecurity firm and IT personnel to assist with securing the environment, as well as, to conduct a comprehensive forensic investigation to determine the nature and scope of the Incident. The investigation found evidence to suggest some LEC data has been accessed by an unauthorized individual.
Based on these findings, LEC initiated a comprehensive data mining project to determine what types of information, and which individuals may have been affected. Upon completion of the review, LEC spent the time necessary to verify the identities and obtain contact information so that it could provide notice to impacted individuals. LEC has since notified affected individuals by U.S. First Class Mail.
What Information Was Involved?
Based on the investigation, the following types of information may have been subject to unauthorized access: names, dates of birth, driver’s license numbers, username and passwords, clinical information, provider information, treatment/procedure information, diagnosis, Medical Record Numbers, patient identification numbers, health insurance information, financial account/routing numbers, and Social Security numbers. Please note that the information above varies for each potentially impacted individual.
What We Are Doing?
Data privacy and security is among LEC’s highest priorities, and we are committed to doing everything we can to protect the privacy and security of the personal information in our care. Upon discovery of the Incident, LEC quickly took the following steps, including, but not limited to: disconnecting all access to the network; implementing an organization-wide credential reset of all users; and adding additional security tools. Further, since the Incident, LEC has implemented additional security measures to prevent a similar incident from occurring in the future.
In light of the incident, LEC is providing affected individuals with complimentary credit monitoring and cyber monitoring services.
What You Can Do:
While we have not received any reports of related misuse of personal information relating to the Incident, we nevertheless encourage you to remain vigilant against incidents of identity theft and fraud, to review your account statements, and to monitor your credit reports for suspicious or unauthorized activity. Additionally, please review the enclosed Additional Resources to Help Protect Your Information, to learn more about how to protect against the possibility of information misuse.
Other Important Information:
We recognize that you may have questions not addressed in this notice. If you have any questions or concerns, please call 1-833-289-9962 (toll free) Monday through Friday, during the hours of 9:00 a.m. and 9:00 p.m. Eastern Standard Time (excluding U.S. national holidays). LEC sincerely regrets any concern or inconvenience this matter may cause and remains dedicated to ensuring the privacy and security of all information in our control.
ADDITIONAL RESOURCES TO HELP PROTECT YOUR INFORMATION
Monitor Your Accounts:
We recommend that you remain vigilant for incidents of fraud or identity theft by regularly reviewing your credit reports and financial accounts for any suspicious activity. You should contact the reporting agency using the phone number on the credit report if you find any inaccuracies with your information or if you do not recognize any of the account activity.
You may obtain a free copy of your credit report by visiting www.annualcreditreport.com, calling toll-free at 1-877-322-8228, or by mailing a completed Annual Credit Report Request Form (available at www.annualcreditreport.com) to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA, 30348-5281. You may also purchase a copy of your credit report for a fee by contacting one or more of the three national credit reporting agencies.
You have rights under the federal Fair Credit Reporting Act (FCRA). The FCRA governs the collection and use of information about you that is reported by consumer reporting agencies. You can obtain additional information about your rights under the FCRA by visiting https://www.ftc.gov/legal-library/browse/statutes/fair-credit-reporting-act.
Credit Freeze
You have the right to add, temporarily lift and remove a credit freeze, also known as a security freeze, on your credit report at no cost. A credit freeze prevents all third parties, such as credit lenders or other companies, whose use is not exempt under law, from accessing your credit file without your consent. If you have a freeze, you must remove or temporarily lift it to apply for credit. Spouses can request freezes for each other as long as they pass authentication. You can also request a freeze for someone if you have a valid Power of Attorney. If you are a parent/guardian/representative, you can request a freeze for a minor 15 and younger. To add a security freeze on your credit report you must make a separate request to each of the three national consumer reporting agencies by phone, online, or by mail by following the instructions found at their websites (see “Contact Information” below). The following information must be included when requesting a security freeze: (i) full name, with middle initial and any suffixes; (ii) Social Security number; (iii) date of birth (month, day, and year); (iv) current address and any previous addresses for the past five (5) years; (v) proof of current address (such as a copy of a government-issued identification card, a recent utility or telephone bill, or bank or insurance statement); and (vi) other personal information as required by the applicable credit reporting agency.
Fraud Alert
You have the right to add, extend, or remove a fraud alert on your credit file at no cost. A fraud alert is a statement that is added to your credit file that will notify potential credit grantors that you may be or have been a victim of identity theft. Before they extend credit, they should use reasonable procedures to verify your identity. Please note that, unlike a credit freeze, a fraud alert only notifies lenders to verify your identity before extending new credit, but it does not block access to your credit report. Fraud alerts are free to add and are valid for one year. Victims of identity theft can obtain an extended fraud alert for seven years. You can add a fraud alert by sending your request to any one of the three national reporting agencies by phone, online, or by mail by following the instructions found at their websites (see “Contact Information” below). The agency you contact will then contact the other credit agencies.
Contact Information
Below is the contact information for the three national credit reporting agencies (Experian, Equifax, and TransUnion) if you would like to add a fraud alert or credit freeze to your credit report.
| Credit Reporting Agency | Access Your Credit Report | Add a Fraud Alert | Add a Security Freeze |
| Experian | P.O. Box 2002 Allen, TX 75013-9701 1-866-200-6020 www.experian.com | P.O. Box 9554 Allen, TX 75013-9554 1-888-397-3742 https://www.experian.com/fraud/center.html | P.O. Box 9554 Allen, TX 75013-9554 1-888-397-3742 www.experian.com/freeze/center.html |
| Equifax | P.O. Box 740241 Atlanta, GA 30374-0241 1-866-349-5191 www.equifax.com | P.O. Box 105069 Atlanta, GA 30348-5069 1-800-525-6285 www.equifax.com/personal/credit-report-services/credit-fraud-alerts | P.O. Box 105788 Atlanta, GA 30348-5788 1-888-298-0045 www.equifax.com/personal/credit–report-services |
| TransUnion | P.O. Box 1000 Chester, PA 19016-1000 1-800-888-4213 www.transunion.com | P.O. Box 2000 Chester, PA 19016 1-800-680-7289 www.transunion.com/fraud-alerts | P.O. Box 160 Woodlyn, PA 19094 1-800-916-8800 www.transunion.com/credit-freeze |
Federal Trade Commission
For more information about credit freezes and fraud alerts and other steps you can take to protect yourself against identity theft, you can contact the Federal Trade Commission (FTC) at 600 Pennsylvania Avenue NW, Washington, DC 20580, www.identitytheft.gov, 1-877-ID-THEFT (1-877-438-4338), TTY: 1-866-653-4261. The Federal Trade Commission also encourages those who discover that their information has been misused to file a complaint with them. You can obtain further information on how to file such a complaint by way of the contact information listed above.
You should also report instances of known or suspected identity theft to local law enforcement and the Attorney General’s office in your home state and you have the right to file a police report and obtain a copy of your police report.
Iowa and Oregon residents are advised to report suspected incidents of identity theft to local law enforcement, to their respective Attorney General, and the FTC.
Massachusetts residents are advised of their right to obtain a police report in connection with this incident.
District of Columbia residents are advised of their right to obtain a security freeze free of charge and can obtain information about steps to take to avoid identity theft by contacting the FTC (contact information provided above) and the Office of the Attorney General for the District of Columbia, Office of Consumer Protection, at 400 6th St. NW, Washington, D.C. 20001, by calling the Consumer Protection Hotline at (202) 442-9828, by visiting https://oag.dc.gov, or emailing at consumer.protection@dc.gov.
Maryland residents can obtain information about steps they can take to avoid identity theft by contacting the FTC (contact information provided above) or the Maryland Office of the Attorney General, Consumer Protection Division Office at 200 St. Paul Place, Baltimore, MD 21202, by phone at the main number: 410-576-6300 / En español: 410-230-1712 / toll free: 1-888-743-0023 / Consumer Hotline at 410-528-8662, or by visiting http://www.marylandattorneygeneral.gov/Pages/contactus.aspx. LEC is located at 50 Waterford Pike, Brookville, PA 15825 and can be reached at (814) 849-8344.
New Mexico residents, state law advises you to review personal account statements and credit reports, as applicable, to detect errors resulting from the security breach.
New York residents are advised that in response to this incident they can place a fraud alert or security freeze on their credit reports and may report any incidents of suspected identity theft to law enforcement, the FTC, the New York Attorney General, or local law enforcement. Additional information is available at the website of the New York Department of State Division of Consumer Protection at https://dos.nysits.acsitefactory.com/consumerprotection; by visiting the New York Attorney General at https://ag.ny.gov/ or by phone at 1-800-771-7755; or by contacting the FTC at www.ftc.gov/bcp/edu/microsites/idtheft/ or https://www.identitytheft.gov/#/.
North Carolina residents are advised to remain vigilant by reviewing account statements and monitoring free credit reports and may obtain information about preventing identity theft by contacting the FTC (contact information provided above) or the North Carolina Office of the Attorney General, Consumer Protection Division at 9001 Mail Service Center, Raleigh, NC 27699-9001, or visiting www.ncdoj.gov, or by phone at 1-877-5-NO-SCAM (1-877-566-7226) or (919) 716 6000.
Rhode Island residents are advised that they may file or obtain a police report in connection with this incident and place a security freeze on their credit file and that fees may be required to be paid to the consumer reporting agencies.