A significant cybersecurity incident has compromised the sensitive data of over 1.2 million patients, stemming from a breach at SimonMed Imaging, one of the United States’ leading outpatient radiology providers. The breach was uncovered following a ransomware attack that targeted the company’s network, raising urgent concerns about data security in healthcare.

Details of the Breach and Cyberattack

In early 2025, SimonMed was alerted by a vendor about suspicious activity on its systems. Despite immediate measures such as password resets, multi-factor authentication enforcement, and enhanced endpoint security, cybercriminals had already infiltrated the system. Between January 21 and February 5, malicious actors exfiltrated approximately 200 GB of data, including patient identifiers, financial information, medical scans, and reports.

The notorious Medusa ransomware group claimed responsibility for the attack, demanding a ransom of $1 million to delete the stolen data, or $10,000 per day to delay its publication. Although the company has not confirmed paying the ransom, SimonMed was removed from the ransomware group’s leak site, suggesting some form of negotiation or payment.

Scope and Nature of the Data Compromised

While initial reports indicated only basic personal information such as names, the attackers’ claims suggest a broader leak. The stolen data reportedly includes identity documents, payment details, detailed medical records, imaging scans, and account balances. This type of information is highly valuable on dark web marketplaces, often sold in bulk for fraudulent activities such as identity theft, insurance scams, and prescription drug fraud.

Medical breaches are particularly damaging because unlike passwords, medical histories and government-issued IDs are not easily reset or replaced, making recovery and protection more complex.

Implications and Response

In response to the attack, SimonMed engaged cybersecurity experts to investigate further and has offered free credit monitoring services to affected individuals. The incident emphasizes the increasing frequency and sophistication of cyber threats targeting healthcare providers, underscoring the need for robust security measures.

Experts recommend changing passwords immediately, avoiding reuse, and enabling two-factor authentication across all accounts. Using a reputable password manager can help generate and store strong credentials, reducing the risk of widespread compromise from a single breach.

It is also advisable to check whether your email or personal data has been exposed in past breaches via trusted breach scanning tools. Regular monitoring of financial and medical statements can help detect early signs of fraudulent activity, potentially preventing larger losses.

Protecting Your Personal Data

To further safeguard your identity, consider using data removal services that actively monitor and remove personal information from public databases and websites. This reduces the chances of attackers assembling comprehensive profiles for scams or fraud. While no method guarantees complete removal, these services significantly diminish your online footprint and increase your security.

For tips on protecting yourself from identity theft and cyber threats, visit trusted resources like [Cybersecurity & Infrastructure Security Agency](https://www.cisa.gov) and [Federal Trade Commission’s Identity Theft page](https://www.consumer.ftc.gov/articles/0272-how-know-if-you-are-victim-identity-theft).

Additional Security Measures

Always keep your devices protected with up-to-date antivirus software capable of detecting malware and ransomware. Regularly review your bank and insurance statements for unusual transactions. Employ identity protection services that alert you if your personal data appears in dark web listings or is being used fraudulently.

Cybercriminals often exploit large breaches through phishing campaigns that mimic official communications. Stay vigilant, especially with emails referencing SimonMed or related healthcare services, and avoid clicking on suspicious links or providing personal information.

The ongoing rise in healthcare-related cyberattacks highlights the importance of proactive security practices. Protecting your personal data requires continuous vigilance, updated security tools, and awareness of evolving scams.

Ethan Cole

I'm Ethan Cole, a tech journalist with a passion for uncovering the stories behind innovation. I write about emerging technologies, startups, and the digital trends shaping our future. Read me on x.com