Likely all defense employees who have received optical services since 2012 were affected.
The Australian Defense Force’s optometry service provider was let go last week after transmitting optical claims overseas for processing – a breach of contract, News Corp. reports. The location of the multinational company’s servers was not disclosed.
Medibank Health Solutions, ADF’s medical and allied health provider, discovered the no-no in June.
“I’m not going to go into details [about where the claims were sent] because the fact is they shouldn’t have left Australia at all ... but what we do know is that they only went to Luxottica and Luxottica’s IT partners within their existing working relationships,” a Medibank spokeswoman said. “We’re not going to give out the exact nature of the data but it was optical claiming stuff.
On July 24, Luxottica Retail Australia lost its $33.5 million defense contract.
The data in question included name and military unit, the results of eye tests and prescriptions, among other things.
Since 2012, Luxottica had been providing off-base services to all ADF personnel, mostly through its OPSM stores, popular eyewear retailers in Australia and New Zealand. It is assumed all employees who received services since the contract began are affected.
Read the rest at ThreatWatch, Nextgov’s regularly updated index of cyber breaches.
And find out even more on “NG Cybersecurity,” our new iPhone app.