Superior Vision Services hit by email phishing attack, exposes data of health plan members
Learn More
Superior Vision Services, Inc., a vision benefit provider based in Troy, New York, was hit by an email phishing attack that compromised sensitive personal and protected health information of thousands of plan members.
On July 9, 2025, an employee of Superior Vision fell victim to an email phishing attack, granting an unauthorized actor access to internal company email accounts. The incident was discovered two days later, on July 11, 2025, when Superior Vision detected the suspicious activity within its email system.
The investigation confirmed that the unauthorized party may have downloaded internal emails containing member information and that both personally identifiable information and protected health information were compromised. The exposed information includes:
- Full names
- Physical addresses
- Phone numbers
- Email addresses
- Dates of birth
- Gender
- Social Security numbers
- Vision coverage election information
- Employment information related to enrollment
The total number of impacted individuals has not been publicly released by Superior Vision Services
The data breach was formally disclosed to regulators between September 26, 2025, and September 29, 2025 and individuals are being notified. As part of its remediation efforts, Superior Vision is offering affected individuals one free year of three-bureau credit monitoring services to help protect against potential identity theft and fraud.
