Data Breaches

SimonMed Imaging Data Breach Impacts 1.2 Million

SimonMed Imaging was targeted by the Medusa ransomware group, which claimed to have stolen 200 Gb of data.

Healthcare data breach

SimonMed Imaging has revealed that a data breach resulting from a ransomware attack has impacted more than 1.2 million individuals. 

According to its website, SimonMed Imaging is one of the largest medical imaging providers and physician radiology practices in the US, with more than 170 facilities across 10 states. 

The Arizona-based healthcare organization learned in late January 2025 that one of its vendors had been breached and an investigation conducted by SimonMed showed that its own network had also been hacked. 

The probe revealed that hackers had access to SimonMed systems between January 21 and February 5, and they managed to steal information such as name, address, date of birth, health insurance information, driver’s license number, government-issued ID, SSN, financial account number, authentication credentials, and a wide range of medical information. 

SimonMed informed the Maine Attorney General late last week that the incident has impacted well over 1.2 million individuals

SimonMed previously informed the US Department of Health and Human Services about the breach in March, but its disclosure at the time indicated that only 500 individuals had been impacted. 

Advertisement. Scroll to continue reading.

The Medusa ransomware group took credit for the attack on the healthcare organization on February 10, claiming to have stolen more than 200 Gb of information. The cybercriminals’ website showed that the ransom demand was set at $1 million.

Similar to other data breach disclosures, SimonMed’s public notice states that there is no evidence the compromised information has been used for fraud or identity theft.

However, the risk of abuse is significant when data has been stolen by a ransomware group as these types of threat actors typically either publicly leak the stolen information or sell it to other cybercriminals. 

Related: DraftKings Warns Users of Credential Stuffing Attacks

Related: Extortion Group Leaks Millions of Records From Salesforce Hacks

Related: Discord Says 70,000 Users Had IDs Exposed in Recent Data Breach

Related: Ransomware Group Claims Attack on Beer Giant Asahi

Related Content

Cybercrime

The D1R cybercrime group claimed to have stolen valuable data from Synopsys and Bosch, threatening to leak it unless a ransom is paid. 

Data Breaches

The WorldLeaks extortion group claimed to have stolen 720 GB of data from the healthcare testing and laboratory services provider.

Cybercrime

Angelo Martino, a former ransomware negotiator, was sentenced to 70 months for helping the BlackCat/Alphv group.

Data Breaches

Hackers exploited a zero-day vulnerability in a third-party system to access a KDDI email system for ISPs.

Data Breaches

Hackers accessed the institution’s internal network and deleted two drives containing employee, student, and university data.

Data Breaches

The professional services giant says it contained the incident, remediated its source, and experienced no operational or service delivery impact.

Artificial Intelligence

Attack demonstrates how LLM agents can combine known exploitation techniques with real-time reasoning to automate complex, multi-stage intrusions.

Cybercrime

In April, ShinyHunters accessed the company’s corporate IT systems and stole patients’ personal and medical information.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version