Eyemart Express class action overview:
- Who: Plaintiff Lisa Lewis filed a class action lawsuit against Eyemart Express LLC.
- Why: Lewis claims the company failed to properly secure and safeguard the personal information of thousands of individuals.
- Where: The Eyemart Express class action lawsuit was filed in Texas federal court.
- How to get help: Was your personal information compromised in a data breach within the past six months? You may be eligible to pursue legal action.
A new class action lawsuit alleges Eyemart Express failed to properly secure and safeguard the personally identifiable information and protected health information of thousands of individuals.
Plaintiff Lisa Lewis filed the class action complaint against Eyemart Express on April 30 in Texas federal court, alleging violations of state and federal consumer laws.
Lewis claims Eyemart Express, a national optical retailer, was negligent in securing and safeguarding information in a data breach in which the Payouts King ransomware group allegedly exfiltrated 435 GB of data around March 10, 2026.
She argues Eyemart Express failed to monitor its networks and implement adequate data security practices, allegedly leaving consumers’ private information vulnerable to attack.
The class action lawsuit further alleges that Eyemart Express has yet to provide notice of the data breach to affected individuals, leaving many class members unaware that their private information may have been compromised and that they could face an increased risk of identity theft and other harm.
“Defendant’s breaches of duty also caused a substantial, imminent risk to the plaintiff and class members of identity theft, loss of control over their private information,” the Eyemart Express lawsuit says.
According to the class action lawsuit, Eyemart Express reported the data breach to the Texas Attorney General on April 17, 2026.
Lawsuit claims Eyemart Express failed to comply with HIPAA, FTC guidelines
The class action lawsuit claims Eyemart Express failed to comply with the Health Insurance Portability and Accountability Act (HIPAA) and Federal Trade Commission (FTC) guidelines, which mandate reasonable data security measures to protect sensitive information.
Lewis argues the company’s failure to implement industry-standard cybersecurity measures and adequately monitor its networks contributed to the data breach.
As a result, Lewis claims she and other class members face a heightened risk of fraud and identity theft, including medical identity theft, for years to come.
Lewis claims Eyemart Express is guilty of negligence, breach of implied contract and unjust enrichment and is demanding a jury trial. She is requesting declaratory and injunctive relief and an award of actual, statutory and punitive damages for herself and all class members.
Were you affected by the Eyemart Express data breach? Let us know in the comments.
The plaintiff is represented by Bruce W. Steckler of Steckler Wayne & Love PLLC and John J. Nelson of Milberg PLLC.
The Eyemart Express data breach class action lawsuit is Lewis v. Eyemart Express LLC, Case No. 3:26-cv-01402-D, in the U.S. District Court for the Northern District of Texas.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
- The Farmer’s Dog sued over alleged excessive fat levels in dog food
- Home Depot class action alleges shoppers’ license plate data shared with law enforcement
- Trial begins in Connecticut over allegedly misleading Hefty ‘recycling’ bags
- Tesla recalls more than 218K vehicles due to rearview camera issue
