Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

266,000 Affected by Data Breach at Radiology Associates of Richmond

Threat actors stole files containing names and protected health information from the healthcare organization’s systems.

Healthcare data breach

Radiology Associates of Richmond (RAR) has disclosed a data breach impacting the protected health information of 266,000 individuals.

According to the healthcare organization’s incident notice, the data breach occurred on or about July 25, 2025, when hackers accessed its internal systems.

RAR did not say when the intrusion was discovered, but said that it worked with external cybersecurity experts to contain the attack and investigate its scope.

“After an extensive forensic investigation and manual document review, RAR’s investigation concluded on or about April 6, 2026, that files containing protected health information pertaining to a limited number of individuals were acquired in an unauthorized manner as a result of the incident,” the organization says.

On May 21, RAR started sending notification letters to the potentially impacted individuals. According to the organization’s filing with the Maine Attorney General’s Office, 266,183 people are receiving such letters.

RAR’s incident notice and the redacted letter samples submitted to authorities in several states suggest that names, Social Security numbers, and other information might have been compromised. Still, they do not provide full details on the affected data.

Advertisement. Scroll to continue reading.

According to a listing on the Texas AGO’s website, government-issued ID numbers, financial information (including credit or debit card numbers), and medical and health insurance details were likely stolen in the attack.

“Notified individuals have been provided with best practices to protect their information, and individuals whose Social Security numbers were contained in the impacted files have been offered complimentary credit monitoring,” RAR’s incident notice reads.

In July 2025, the Richmond, Virginia-based medical imaging services provider notified the US Department of Health and Human Services (HHS) that the personal information of 1.4 million people was stolen in an April 2024 data breach.

Related: DocketWise Data Breach Impacts 143,000

Related: Foxconn Confirms North American Factories Hit by Cyberattack

Related: 716,000 Impacted by OpenLoop Health Data Breach

Related: West Pharmaceutical Services Hit by Disruptive Ransomware Attack

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

BlueVoyant has appointed Ravi Subramanian as CFO and Jamie Coleman as CCO.

Solana Foundation has appointed Michael Coates as Chief Information Security Officer.

Michael Sikorski has joined Coinbase as Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.