HHS Office for Civil Rights Imposes a $1,500,000 Civil Money Penalty Against Warby Parker in HIPAA Cybersecurity Hacking Investigation

HHS OCR Imposes $1.5 Million Civil Penalty Against Warby Parker

On February 20, 2025, the U.S. Department of Health and Human Services’ Office for Civil Rights announced a $1.5 million fine against Warby Parker for alleged violations of the HIPAA Security Rule.Continue Reading ›

$1.5M CMP Imposed on Warby Parker for HIPAA Security Rule Violations - Compliancy Group

Warby Parker is a Delaware public benefit corporation, headquartered in New York City. It is a manufacturer and e-retailer of prescription and non-prescription eyewear. Warby Parker has approximately 200 physical stores and employs over 3,000 people. Its net revenue for the third quarter of 2024 alone was approximately $200 million dollars. Warby Parker, more prosaically, is a covered entity under HIPAA. In late February of 2025, the Department …

Feds fine Warby Parker $1.5 million for failing to protect customer health data

The eyewear retailer Warby Parker was hit with a $1.5 million fine by the Department of Health and Human Services on Thursday following a credential stuffing attack in 2018 that compromised the personal information of nearly 200,000 people.

HHS Office for Civil Rights Imposes a $1,500,000 Civil Money Penalty Against Warby Parker in HIPAA Cybersecurity Hacking Investigation

There is a follow-up to a breach previously reported on DataBreaches.net in December 2018. February 20 — Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a $1,500,000 civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of prescription and non-prescription eyewear, concerning violations of… Introduction to Malware Binary Triage (IMBT) Course Looking to level up …