Skip to main content
close up of human eye close up of human eye

Ocuco Data Breach Investigation

Written by Joseph Lyon on . Posted in Data Breach.

The data breach lawyers at The Lyon Firm are investigating a recent data breach incident reported at Ocuco, Inc., a software solutions company specializing in products for the optical industry. Ocuco announced to the U.S. Department of Health and Human Services (HHS) that they experienced a large data breach affecting over 240,000 individuals.

Contact our legal team to learn more about how to protect yourself following a data theft incident and to consider filing a class action complaint to hold any negligent company accountable for the loss of personal data. Compensation may be available for all individuals impacted in a data privacy violation lawsuit. Call for a free case review.

What Happened at Ocuco?

A ransomware attack allegedly compromised Ocuco’s IT network, potentially impacting both personally identifiable information (PII) and protected health information (PHI) of up to 240,961 individuals.  The cybersecurity incident was disclosed to the HHS on May 30, 2025, and the company should be sending out a data breach notification letter soon to every known impacted individual.

The cyberattack was reportedly carried out by a group known as Kill Security (or killsec), with information of the incident first landing on the dark web on April 1, 2025. Killsec claimed responsibility and posted details about the hack on the Tor network.

The specific types of data exposed is still being investigated, but the accessed data may have contained PII and PHI, including a range of personal information, health records or insurance details shared with the company. Headquartered in Ireland, Ocuco offers software solutions to independent and regional optical retailers, ophthalmology clinics, and optical labs worldwide. The software is used widely in the optical industry, serving thousands of practices, clinics, and labs.