Eyemart Express Hit by Ransomware Attack, Exposing Sensitive Customer Data
Eyemart Express, a national optical retailer with nearly 250 stores across 42 states, has confirmed a ransomware attack that compromised sensitive customer and employee data. The Texas-based company, which operates under brands like Vision 4 Less and Eyewear Express, disclosed the breach to the Texas Attorney General on April 17, 2026, after the ransomware group Payouts King claimed responsibility on March 10, 2026.
The attackers allegedly exfiltrated 435 GB of data, including corporate documents, financial records, and personal information. Confirmed exposed data includes:
- Names
- Addresses
- Social Security numbers
- Driver’s license numbers
- Medical and health insurance details
- Dates of birth
Eyemart Express, founded in 1990, provides affordable eyewear with same-day service through its in-house labs. The incident has prompted legal investigations, with law firm Shamis & Gentile P.A. examining potential compensation claims for affected individuals. The full scope of the breach’s impact remains under review.
Source: https://www.claimdepot.com/investigations/eyemart-express-data-breach-2026
Eyemart Express cybersecurity rating report: https://www.rankiteo.com/company/eyemart-express
"id": "EYE1776458202",
"linkid": "eyemart-express",
"type": "Ransomware",
"date": "3/2026",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Retail (Optical)',
'location': 'Texas, USA',
'name': 'Eyemart Express',
'size': 'Nearly 250 stores across 42 states',
'type': 'Corporation'}],
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': ['Names',
'Addresses',
'Social Security '
'numbers',
'Driver’s license '
'numbers',
'Medical and health '
'insurance details',
'Dates of birth'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Corporate documents',
'Financial records',
'Personal information']},
'date_detected': '2026-03-10',
'date_publicly_disclosed': '2026-04-17',
'description': 'Eyemart Express, a national optical retailer with nearly 250 '
'stores across 42 states, has confirmed a ransomware attack '
'that compromised sensitive customer and employee data. The '
'Texas-based company disclosed the breach after the ransomware '
'group Payouts King claimed responsibility and allegedly '
'exfiltrated 435 GB of data, including corporate documents, '
'financial records, and personal information.',
'impact': {'data_compromised': '435 GB of data',
'identity_theft_risk': 'High',
'legal_liabilities': 'Potential compensation claims under review'},
'investigation_status': 'Under review',
'ransomware': {'data_exfiltration': 'Yes'},
'references': [{'source': 'Texas Attorney General Disclosure'}],
'regulatory_compliance': {'legal_actions': 'Legal investigations by Shamis & '
'Gentile P.A. for potential '
'compensation claims',
'regulatory_notifications': 'Disclosed to Texas '
'Attorney General'},
'threat_actor': 'Payouts King',
'title': 'Eyemart Express Hit by Ransomware Attack, Exposing Sensitive '
'Customer Data',
'type': 'Ransomware'}