Century Vision 2025 Data Breach

Century Vision Eye Care Provider Breach (2025): 42K Patient Records Including SSN Exposed | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

AbyssMedicalEmail AddressPhone NumberPhysical AddressSocial Security Number
High SeverityWebsite / service breach

Century Vision Eye Care Provider Breach (2025): 42K Patient Records Including SSN Exposed

Eye care and vision services provider.

Verified by ObscureIQ Intelligence
77/100Breach Risk Index
27Data Value
40Market Recency
215dSince Breach

Breach Intelligence Summary

Entity: Century Vision · Actor: Abyss · Sources: 2 references
Attack: Unknown
Profile: Company · Optical products and services · Vision care provider · Global
Timeline: Breach (2025-02-02) · Indexed (Sep 24, 2025) · Year (2025)
Exposure: 42K records · 4 fields: Email Address, Phone Number, Physical Address, Social Security Number
Status: Reported

Executive Summary

A ransomware attack attributed to the Abyss group surfaced on February 2, 2025 affecting Century Vision Global, a U.S.-based eye-care acquisition and management services organization, along with three affiliated clinic websites: independenceeye.com, kocheye.com, and prairieeyecenter.com. Century Vision Global serves as the parent management services provider for these clinics, which means a single compromise at the central support layer cascades into every affiliated practice.\n\nThe exposed data covered approximately 41,800 records, including names, email addresses, phone numbers, home addresses, and Social Security numbers. Because the affected entities are healthcare providers, additional protected health information including treatment, diagnostic, and insurance records may also have been compromised, although the published field set focuses on identity and contact data. No payment-card or banking exposure has been publicly reported.\n\nFor affected patients, the practical risk is identity theft and medical-identity fraud. The combination of name, home address, and Social Security number is a strong base for fraudulent credit applications, tax-return fraud, and insurance abuse. Anyone notified by Century Vision Global, Independence Eye, Koch Eye Associates, or Prairie Eye Center should treat their Social Security number as exposed, freeze credit at all three U.S. bureaus, and remain alert to suspicious medical billing or insurance correspondence. People should also be cautious of any unsolicited contact referencing past eye-care appointments or treatment, since attackers can use such pretexts to extract additional information.

ObscureIQ assessment: Exposure enables identity theft, billing fraud, and scams using care or purchase pretexts. Vision-related treatment data may also create privacy concerns.

Breach Impact

Direct institutional cost to Century Vision Global has been moderated by the company's lower public profile, but the impact extends across the affiliated clinics that share its centralized systems. As a healthcare-acquisition company supporting affiliated practices, a compromise at the central support layer creates simultaneous regulatory exposure for each affected clinic under the U.S. Health Insurance Portability and Accountability Act, including potential breach-notification, fine, and resolution-agreement obligations through the Department of Health and Human Services Office for Civil Rights. The incident also weakens the consolidation pitch the company makes to acquired practices, since shared services include shared cyber risk.

About Century Vision

Century Vision Global is a U.S.-based vision care acquisition and clinical support company. The privately held firm focuses on acquiring eye-care practices and providing centralized non-clinical services such as IT, billing, and operations support to the clinics in its network. As of recent reporting it employs around 400 people and reports approximately $92 million in annual revenue. Affiliated practices in the Century Vision Global network include independenceeye.com, kocheye.com, and prairieeyecenter.com, with operations spanning multiple U.S. states.

Why They Hold Your Data

Vision-care providers collect customer or patient identity, contact, prescription, appointment, billing, and service records tied to optical products and eye-care services.

Recent Developments

The breach surfaced when the Abyss ransomware group listed Century Vision Global and three affiliated eye-care websites on its dark-web leak page on February 2, 2025. Century Vision Global has not issued a detailed public statement about the incident and has not appeared on the U.S. Department of Health and Human Services public breach portal under that exact name as of early 2026. One affiliated practice, Koch Eye Associates of Rhode Island, was named separately in mid-2025 in connection with another Abyss-linked exfiltration claim of approximately 313 GB of data, suggesting either a delayed disclosure of the same incident or a follow-on attack.

Data Points Exposed

4 verified field types
Email Address
Phone Number
Physical Address High
Social Security Number Critical

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:High
Primary downstream threats:
  • Identity theft and synthetic identity construction using government-issued IDs
  • SIM swap attacks where phone numbers are present
  • Targeted phishing campaigns using exposed email addresses
  • Doxxing risk from physical address exposure
Threat vectors:
  • Phishing, credential stuffing & account takeover
  • SIM swapping, vishing & SMS phishing
  • Physical stalking, mail fraud & identity verification
  • Home targeting, stalking & physical threat
  • Full identity theft & synthetic identity fraud

Threat Actor: Abyss

Abyss
Unknown

Attribution and method are based on available breach intelligence. Reported attack vector: Unknown.

Recommended Actions

If you believe your information may be included:

Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
IdentityTheft.gov
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Find 2FA settings
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.
IdentityTheft.govReport to FTC

Frequently Asked Questions

What happened in the Century Vision breach?

A ransomware attack attributed to the Abyss group surfaced on February 2, 2025 affecting Century Vision Global, a U.S.-based eye-care acquisition and management services organization, along with three affiliated clinic websites: independenceeye.com, kocheye.com, and prairieeyecenter.com. Century…

What data was exposed?

Verified fields include Email Address, Phone Number, Physical Address, Social Security Number.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
DataBreach.com
Record & field corroboration
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation