Strauss Borrelli PLLC, a leading data breach law firm, is investigating Andover Eye Associates, which does business as Andover Eye Institute (“AEI”), regarding its recent data breach. The AEI data breach involved sensitive personal information and protected health information belonging to over 1,600 individuals.
ABOUT ANDOVER EYE ASSOCIATES D/B/A ANDOVER EYE INSTITUTE:
AEI is an eye care clinical trial and research institute based in Massachusetts. Founded in 1978, AEI operates a range of clinical trial and research services related to eye care, including managing clinical trials for pharmaceutical companies, identifying and recruiting qualified patients for clinical trials, site monitoring, regulatory compliance, and more.2,4,5 Conditions that AEI specializes in researching include dry eye disease, allergic eye conditions, retinal disease, and other critical eye health issues.3 Headquartered in Andover, Massachusetts, AEI employs over 10 individuals.3
WHAT HAPPENED?
Recently, AEI announced that it had experienced a data breach in which sensitive personal identifiable information and protected health information in its care may have been compromised. According to the breach notice shared on its website, on June 10, 2025, AEI was alerted to suspicious activity in two employee email accounts.1 As a result, AEI launched an investigation to determine the nature of the incident.
Through its investigation, AEI confirmed that sensitive personal information and protected health information in the emails may have been accessed by an unauthorized third party on May 28, 2025. As a result, AEI began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. On November 4, 2025, AEI completed this review. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Address
- Medical information
As a result of the breach, AEI posted notice of the breach on its website. Additionally, AEI began mailing data breach notification letters to impacted individuals. Based on the website breach notice, AEI is providing affected individuals with a list of the specific types of sensitive information impacted and complimentary credit monitoring services. A link to the website breach notice is below.
If you believe you have been affected by the Andover Eye Associates d/b/a Andover Eye Institute breach:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
LINKS
[1] https://aeiclinical.com/notice-of-data-event
[3] https://www.linkedin.com/company/andover-eye-institute/about/
[4] https://aeiclinical.com/services
[5] https://aeiclinical.com/about
[7] https://mm.nh.gov/files/uploads/doj/remote-docs/andover-eye-associates-20251231.pdf
[8] https://www.mass.gov/doc/2025-2198-andover-eye-associates/download
[9] https://www.mass.gov/doc/data-breach-report-2025/download
