Tri-Century Eye Care 2025 Data Breach

Tri-Century Eye Care (PA) Ophthalmology Breach (2025): 200K Patient Records Including SSN, Medical & Financial Data Exposed via PEAR | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

PEARRansomware / ExtortionMedicalDate of BirthEmail AddressFinancial AccountFull NameHealth InsuranceMedical DiagnosisPhone Number
High SeverityWebsite / service breach

Tri-Century Eye Care (PA) Ophthalmology Breach (2025): 200K Patient Records Including SSN, Medical & Financial Data Exposed via PEAR

Eye care and ophthalmology practice.

Verified by ObscureIQ Intelligence
93/100Breach Risk Index
75Data Value
40Market Recency
268dSince Breach

Breach Intelligence Summary

Entity: Tri-Century Eye Care · Actor: PEAR · Sources: 2 references
Attack: Ransomware / Extortion
Profile: Healthcare provider · Vision and eye care services · Specialty clinic network · USA
Timeline: Breach (2025-09-03) · Year (2025)
Exposure: 200K records · 9 fields: Date of Birth, Email Address, Financial Account, Full Name, Health Insurance, Medical Diagnosis, Phone Number, Physical Address, Social Security Number
Status: Confirmed

Executive Summary

Tri-Century Eye Care, an ophthalmology practice in Bucks County, Pennsylvania, detected a breach on September 3, 2025 and confirmed on September 19, 2025 that patient and employee data were compromised. The PEAR ransomware group claimed the attack (announced September 18, 2025), asserting theft of over 3 TB. About 200,000 individuals were affected per HHS. Exposed data included names, addresses, dates of birth, Social Security numbers, medical/health and treatment/diagnostic information, health insurance information, billing/payment information, and tax/financial information. (NOTE: prior record count 256,144 was a DBC parse; official figure ~200,000. Fields expanded from SSN/contact-only to the full confirmed set incl. medical + financial.)

ObscureIQ assessment: High risk of identity theft, insurance fraud, and treatment-themed phishing. Healthcare affiliation also creates privacy harm even when the exposed record set is limited.

Breach Impact

The exposure combined identity, financial, and clinical data (SSNs, dates of birth, medical/treatment and insurance information, and billing/tax/financial data) for roughly 200,000 patients and employees, an unusually complete bundle for an eye-care practice that enables identity theft, payment fraud, and medical fraud, plus credible treatment- and billing-themed scams.

About Tri-Century Eye Care

Tri-Century Eye Care is an ophthalmology and vision-care practice with several locations in Bucks County, Pennsylvania, providing eye exams, medical eye care, and surgical/ophthalmic services. It maintains patient identity, insurance, billing, and clinical records.

Why They Hold Your Data

Eye-care providers collect patient identity, contact, insurance, billing, appointment, and treatment records tied to vision care and clinical services.

Recent Developments

Tri-Century Eye Care detected a breach on September 3, 2025 and, on September 19, 2025, confirmed that patient and employee PII/PHI were compromised. The PEAR ransomware group claimed the attack (announced September 18, 2025), asserting theft of over 3 TB of data. About 200,000 individuals were affected per HHS; class-action investigations followed.

Data Points Exposed

9 verified field types
Date of Birth High
Email Address
Financial Account
Full Name High
Health Insurance
Medical Diagnosis Critical
Phone Number
Physical Address High
Social Security Number Critical

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:Critical
Primary downstream threats:
  • Full identity theft and synthetic identity construction using SSN and DOB
  • Payment and tax fraud using exposed billing/financial/tax data
  • Medical identity fraud and insurance abuse using diagnosis and insurance data
  • Targeted phishing and vishing referencing eye care or billing
  • Doxxing and physical targeting from exposed home addresses
Threat vectors:
  • Full identity theft & synthetic identity fraud
  • Financial, tax & payment fraud
  • Medical extortion, insurance fraud & discrimination
  • Name-based social engineering
  • SIM swapping, vishing & SMS phishing
  • Physical stalking, mail fraud & identity verification
  • Home targeting, stalking & physical threat

Threat Actor: PEAR

PEAR
Ransomware / Extortion

Attribution and method are based on available breach intelligence. Reported attack vector: Ransomware / Extortion.

Recommended Actions

If you believe your information may be included:

Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.

Frequently Asked Questions

What happened in the Tri-Century Eye Care breach?

Tri-Century Eye Care, an ophthalmology practice in Bucks County, Pennsylvania, detected a breach on September 3, 2025 and confirmed on September 19, 2025 that patient and employee data were compromised. The PEAR ransomware group claimed the attack (announced September 18, 2025), asserting theft of…

What data was exposed?

Verified fields include Date of Birth, Email Address, Financial Account, Full Name, Health Insurance, Medical Diagnosis, Phone Number, Physical Address, Social Security Number.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
DataBreach.com
Record & field corroboration
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation