SightCare, Inc.

SightCare, Inc. suffered a **ransomware cyberattack** between **April 20, 2021, and May 17, 2021**, compromising sensitive data of **700 individuals**. The breach exposed highly confidential information, including **names, Social Security numbers, driver’s license/ID numbers, financial and banking details, full dates of birth, health insurance policy/ID numbers, and medical records**. The attack’s scope suggests a **severe data exfiltration event**, where threat actors likely encrypted systems while extracting personal, financial, and health-related data—posing risks of **identity theft, financial fraud, and medical fraud**. Given the nature of the stolen data (e.g., SSNs, health records), the incident carries **long-term repercussions** for affected individuals, including potential **legal liabilities, regulatory fines (e.g., HIPAA violations), and reputational damage** for SightCare. The involvement of **ransomware** further implies operational disruption, though the article does not specify system downtime or ransom demands. The breach’s severity is amplified by the **sensitivity of the leaked data**, which extends beyond typical financial records to include **protected health information (PHI)**, making it a high-impact cybersecurity failure with implications for both **customer trust and compliance obligations**.

Source: https://www.atg.wa.gov/data-breach-notifications | https://data.wa.gov/resource/sb4j-ca4h.json?id=14087

TPRM report: https://www.rankiteo.com/company/sight-care-optometry-and-optical-inc

"id": "sig1013090725",
"linkid": "sight-care-optometry-and-optical-inc",
"type": "Ransomware",
"date": "4/2021",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"

{'affected_entities': [{'customers_affected': 700,
                        'industry': 'healthcare',
                        'location': 'Washington, USA',
                        'name': 'SightCare, Inc.',
                        'type': 'healthcare provider'}],
 'data_breach': {'number_of_records_exposed': 700,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'high',
                 'type_of_data_compromised': ['personally identifiable '
                                              'information (PII)',
                                              'protected health information '
                                              '(PHI)',
                                              'financial information']},
 'description': 'The Washington State Office of the Attorney General reported '
                'that SightCare, Inc. experienced a ransomware cyberattack '
                'between April 20, 2021, and May 17, 2021, compromising '
                'sensitive personal and financial data of 700 individuals.',
 'impact': {'data_compromised': ['names',
                                 'Social Security numbers',
                                 "driver's license or Washington ID numbers",
                                 'financial and banking information',
                                 'full dates of birth',
                                 'health insurance policy or ID numbers',
                                 'medical information'],
            'identity_theft_risk': 'high',
            'payment_information_risk': 'high'},
 'ransomware': {'data_encryption': True},
 'references': [{'source': 'Washington State Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['Washington State '
                                                        'Office of the '
                                                        'Attorney General']},
 'title': 'SightCare, Inc. Ransomware Cyberattack (2021)',
 'type': 'ransomware'}