{"id":48947,"date":"2022-10-20T14:17:04","date_gmt":"2022-10-20T14:17:04","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/33956\/New-York-Fines-EyeMed-4.5-Million-For-2020-Email-Hack-Data-Breach.html"},"modified":"2022-10-20T14:17:04","modified_gmt":"2022-10-20T14:17:04","slug":"new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\/","title":{"rendered":"New York Fines EyeMed $4.5 Million For 2020 Email Hack, Data Breach"},"content":{"rendered":"<div>\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/cms.scmagazine.com\/wp-content\/uploads\/2022\/10\/101922_eye_exam-1024x614.jpg\" alt class=\"wp-image-455608\"><figcaption>New York&#8217;s Department of Financial Services announced a $4.5 million settlement with EyeMed Vision Care for a 2020 email hack and data breach. (Photo by Kevork Djansezian\/Getty Images)<\/figcaption><\/figure>\n<\/div>\n<p>The state of <a href=\"https:\/\/www.scmagazine.com\/analysis\/identity-and-access\/ny-investigation-finds-more-than-1-million-accounts-compromised-through-credential-stuffing\" target=\"_blank\" rel=\"noreferrer noopener\">New York<\/a> has slapped EyeMed Vision Care with yet another fine over its massive 2020 email hack and healthcare data breach. This time the vision benefits company will pay a $4.5 million penalty for multiple security violations that \u201ccontributed to\u201d the data exposure.<\/p>\n<p>The state\u2019s investigation into the insurer found \u201cEyeMed\u2019s lack of compliant cybersecurity risk assessment to evaluate and address the risks to its information systems and non-public information stored on its networks left EyeMed vulnerable to threat actors, including the threat actor who initiated the cyber event,\u201d according to the report.<\/p>\n<p>The settlement was announced as part of New York\u2019s Department of Financial Services\u2019 cybersecurity regulation that mandates a set of responsible security standards for businesses. Drawn into effect in March 2017, it \u201cserved as a model for other regulators,\u201d including the FTC, multiple states, and other security models.<\/p>\n<p>The law includes standards for industry compliance, consumer data protection, cybersecurity controls, and timely reporting of cybersecurity events. The DFS investigation into EyeMed found multiple violations of these requirements.<\/p>\n<p>\u201cIt is critically important that consumers\u2019 non-public information is kept safe from potential criminal activity,\u201d Superintendent of Financial Services Adrienne A. Harris said in the release. \u201cThis settlement demonstrates DFS\u2019s ongoing commitment to protecting consumers while ensuring the safety and soundness of financial institutions from cyber threats.\u201d<\/p>\n<p>DFS launched an investigation into EyeMed following its breach notification in December 2020 that reported an email hack first discovered five months earlier. A threat actor used the access to a single employee email account to send phishing emails to contacts within the address book.<\/p>\n<p>An <a href=\"https:\/\/www.scmagazine.com\/analysis\/breach\/new-york-fines-eyemed-600k-after-data-breach-investigation-finds-security-flaws\" target=\"_blank\" rel=\"noreferrer noopener\">earlier settlement with New York<\/a> for $600,000 that followed a state investigation, revealed several discrepancies with EyeMed\u2019s breach notification.<\/p>\n<p>First, EyeMed did not disclose that the attacker actually sent at least 2,000 phishing emails from the compromised account during the dwell time. The emails impersonated proposal requests that aimed to dupe victims into sharing their credentials.<\/p>\n<p>Further, the IT team received inquiries from clients and detected the suspicious transmissions on July 1. While EyeMed previously reported the account access was blocked and secured on the same day it was discovered, the previous investigation found the hack began a week before it was discovered.<\/p>\n<p>In total, the data of 2.1 million current and former vision benefits members of multiple insurance clients was compromised by the incident.<\/p>\n<p>The data included vision and health insurance account and identification numbers, Medicaid or Medicare numbers, driver\u2019s licenses, government IDs, and birth or marriage certificates. Some members saw their Social Security numbers, financial data, diagnoses, health conditions, treatments, and other sensitive data.<\/p>\n<h2>Investigation reveals major security failures by insurer<\/h2>\n<p>The findings of the DFS investigation into EyeMed found deeper security failings than previously disclosed.<\/p>\n<p>The audit revealed that EyeMed had violated the DFS\u2019s cybersecurity regulation by failing to implement multi-factor authentication within its email environment. The state regulation requires MFA to be used for any users \u201caccessing a covered entity\u2019s internal network from an external network.\u201d<\/p>\n<p>\u201cAt the time of the cyber event, EyeMed was in the process of rolling out MFA for its email environment, but did not yet have MFA implemented for the mailbox, as required by the cybersecurity regulation,\u201d according to the report.<\/p>\n<p>In addition, EyeMed transitioned its email system to Microsoft Office 365 18 months before the hack. Although the regulation went into effect on March 1, 2018, the MFA implementation did not begin until March 2020, two years later. The O365 accessed the internal networks during the time MFA was not fully implemented. The MFA project was not completed until September 2020.<\/p>\n<p>DFS found that \u201cthe delay in MFA implementation left EyeMed\u2019s information systems and its consumers\u2019 non-public information vulnerable to threat actors.\u201d<\/p>\n<p>Further, the investigation found the insurer failed to limit user access privileges. In fact, nine employees were allowed to share login credentials to the email account behind the weeklong hack.<\/p>\n<p>EyeMed also failed to implement sufficient data retention and disposal processes required by DFS. Namely, the hacked account contained \u201cover six years\u2019 worth of consumer non-public information, including that of minors.\u201d To DFS, \u201chad these controls been in place, the July 1, 2020, cybersecurity event could have been prevented or been limited in scope.&#8221;<\/p>\n<p>DFS also found EyeMed hadn\u2019t conducted an adequate risk assessment between 2018 and 2021, which would have identified the access privilege and data disposal risks tied to its email accounts.<\/p>\n<p>Notably, had EyeMed conducted the risk assessment it could have avoided several of the violations found by DFC, including the requirement to leverage an adequate risk assessment to then build an effective cybersecurity program able to \u201caddress information security, access controls and identity management, and customer data privacy.\u201d<\/p>\n<p>The finding also suggests that after discovering the email hack and conducting its investigation over the course of five months in 2020, EyeMed still didn\u2019t perform a risk assessment for more than a year after the incident. A risk assessment is not only a core requirement of DFS, it\u2019s also mandated by The Health Insurance Portability and Accountability Act.<\/p>\n<p>The report shows \u201cto date, EyeMed has not conducted a risk assessment that complies with the requirements of the cybersecurity regulation.\u201d Although the insurer has a third-party vendor conduct \u201cperiodic audits\u201d of its IT controls and \u201centerprise risk management reviews,\u201d it does not meet the regulatory standards. What\u2019s more, these vendor assessments did not cover the email system where the hack occurred.<\/p>\n<p>DFS added that \u201cas a result, EyeMed\u2019s cybersecurity certifications for the calendar years 2018 through 2021 were improper.\u201d<\/p>\n<p>Lastly, EyeMed was also found to have violated the DFS requirement to annually certify compliance with the cybersecurity regulation.<\/p>\n<p>The multi-million dollar settlement also requires EyeMed to \u201cundertake significant remedial measures to better secure its data.\u201d The insurance carrier must take on a comprehensive cybersecurity risk assessment, then develop a plan to address any risks identified during its audit. DFS will then review and approve the plan.<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/33956\/New-York-Fines-EyeMed-4.5-Million-For-2020-Email-Hack-Data-Breach.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":48948,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[2224],"class_list":["post-48947","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackergovernmentprivacyusadata-loss"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>New York Fines EyeMed $4.5 Million For 2020 Email Hack, Data Breach 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"New York Fines EyeMed $4.5 Million For 2020 Email Hack, Data Breach 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-10-20T14:17:04+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cms.scmagazine.com\/wp-content\/uploads\/2022\/10\/101922_eye_exam-1024x614.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"New York Fines EyeMed $4.5 Million For 2020 Email Hack, Data Breach\",\"datePublished\":\"2022-10-20T14:17:04+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\\\/\"},\"wordCount\":1020,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/10\\\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach.jpg\",\"keywords\":[\"headline,hacker,government,privacy,usa,data loss\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\\\/\",\"name\":\"New York Fines EyeMed $4.5 Million For 2020 Email Hack, Data Breach 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/10\\\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach.jpg\",\"datePublished\":\"2022-10-20T14:17:04+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/10\\\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/10\\\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach.jpg\",\"width\":1024,\"height\":614},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,government,privacy,usa,data loss\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackergovernmentprivacyusadata-loss\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"New York Fines EyeMed $4.5 Million For 2020 Email Hack, Data Breach\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"New York Fines EyeMed $4.5 Million For 2020 Email Hack, Data Breach 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\/","og_locale":"en_US","og_type":"article","og_title":"New York Fines EyeMed $4.5 Million For 2020 Email Hack, Data Breach 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-10-20T14:17:04+00:00","og_image":[{"url":"https:\/\/cms.scmagazine.com\/wp-content\/uploads\/2022\/10\/101922_eye_exam-1024x614.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"New York Fines EyeMed $4.5 Million For 2020 Email Hack, Data Breach","datePublished":"2022-10-20T14:17:04+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\/"},"wordCount":1020,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/10\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach.jpg","keywords":["headline,hacker,government,privacy,usa,data loss"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\/","url":"https:\/\/www.threatshub.org\/blog\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\/","name":"New York Fines EyeMed $4.5 Million For 2020 Email Hack, Data Breach 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/10\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach.jpg","datePublished":"2022-10-20T14:17:04+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/10\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/10\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach.jpg","width":1024,"height":614},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,government,privacy,usa,data loss","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackergovernmentprivacyusadata-loss\/"},{"@type":"ListItem","position":3,"name":"New York Fines EyeMed $4.5 Million For 2020 Email Hack, Data Breach"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/48947","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=48947"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/48947\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/48948"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=48947"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=48947"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=48947"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}