Alain Afflelou, a French company specializing in eyewear and hearing aids, fell victim to a cyberattack. The attack occurred through a vulnerability in the system of one of the company’s service providers, allowing unauthorized access to their customer relationship management tool. The company confirmed the breach in an email to customers, indicating that personal data had been compromised. However, the attack did not involve sensitive financial or health information, such as banking details or social security numbers.
The compromised data included names, birth dates, addresses, email addresses, and phone numbers. In addition, details about recent purchases, quotes, and client membership information were also exposed. The breach also included some less sensitive information such as the client’s last appointment date, the name of the client’s insurer, and their parental status. Alain Afflelou emphasized that no visual or hearing correction data or passwords were involved in the breach.
Though the data breach did not impact highly sensitive information, Alain Afflelou has taken steps to prevent future incidents. The company stated it had implemented measures to secure its systems and prevent recurrence. As of the latest updates, no fraudulent use of the compromised data has been reported. The company is conducting an investigation to fully understand the incident, and a report has been filed with the French data protection authority, CNIL.
The company warned customers to remain vigilant about potential phishing attacks linked to their optical or hearing data. Customers are advised to contact Alain Afflelou’s customer service if they have concerns about their personal information. The company is working to ensure that all necessary precautions are in place to protect client privacy moving forward.
Reference: