$5M EyeMed Settlement Ends Class Action Lawsuit Over June 2020 Data Breach

New to ClassAction.org? Read our Newswire Disclaimer

A $5 million settlement will resolve a class action lawsuit against EyeMed Vision Care over a June 2020 data breach in which an unauthorized third party accessed patients’ personal and medical information.

Don’t miss out on class action settlement news like this. Sign up for ClassAction.org’s free weekly newsletter.

The EyeMed class action settlement received preliminary court approval on July 29, 2025 and covers all U.S. residents who were notified by EyeMed that their personal information was affected by the data breach.

The court-approved website for the EyeMed settlement can be found at EyeMedDataSettlement.com.

EyeMed settlement class members who submit a timely, valid claim form will be able to receive:

• A pro rata (equal share) payment from the $5,000,000 settlement fund, which court documents estimate will be approximately $50 per claimant;
• Reimbursement for up to four hours of time spent dealing with the effects of the data breach, at a rate of $25 per hour; and
• Up to $10,000 in reimbursement for documented, as-of-yet unreimbursed monetary losses that are reasonably traceable to the data breach.

Per the settlement website, claimable monetary losses must have been incurred on or after June 24, 2020 and may include expenses and losses such as:

• Professional fees, including attorneys’ fees, accountants’ fees and fees for credit repair services;
• Costs associated with freezing/unfreezing credit with any credit reporting agency;
• Credit monitoring costs incurred between June 2020 and the date the claim is submitted;
• Unreimbursed losses related to fraud or identity theft;
• Instances of verified fraud, such as fraudulent bank or credit card charges, fraudulent tax filings, fraudulent opening/closing of bank or credit accounts, unemployment filings or other fraudulent actions taken using a class member’s information obtained in the data breach;
• Parking or other transportation expenses for trips to financial institutions to address fraudulent charges or receive a replacement payment card;
• Miscellaneous expenses such as notary, postage, mileage, fuel, fax, postage and long-distance phone charges; and
• Other expenses that are reasonably related to the data breach that have not already been reimbursed.

The class action settlement website notes that the amount paid in any of the available settlement benefits may be decreased on a pro rata basis depending on the total number of valid claims filed. The maximum amount of money an EyeMed class member may receive from the deal is $10,000, the settlement website shares.

To file a claim form online, class members can visit this page of the EyeMed settlement website and log in with the unique class member ID found in their copy of the settlement notice.

Alternatively, a PDF of the claim form is available to print, fill out and mail back to the address listed at the bottom of the second page.

All claim forms must be submitted online or postmarked by December 11, 2025.

EyeMed has also agreed, as part of the settlement, to enhance and upgrade its cybersecurity measures, employee security training, password-strength requirements and multi-factor authentication. EyeMed will also implement a shortened retention period for the mailbox that was affected by the data breach and contract a third-party vendor to perform an updated HIPAA security risk assessment.

A hearing is scheduled for January 7, 2026 to determine whether the settlement will receive final approval from the court. Payments will begin to be distributed to class members only after final approval has been granted and any appeals have been resolved.

The EyeMed class action lawsuit claimed that the vision benefits company, which court documents say offers vision plans to over 60 million members in the U.S., was negligent in its data security, as it allowed an unauthorized third party to access patients’ sensitive personal and medical information. According to the case, the compromised data included names, dates of birth, driver’s license and other government ID numbers, health insurance account and identification numbers, contact information and Medicaid or Medicare numbers.

Are you owed unclaimed settlement money? Check out our class action rebates page full of open class action settlements.