Radiology Associates of Richmond disclosed a data breach affecting protected health information for 266,000 individuals. The incident occurred on or about July 25, 2025, when hackers accessed internal systems. The organization did not specify when the intrusion was discovered, but it worked with external cybersecurity experts to contain the attack and investigate its scope. After forensic investigation and manual document review, the organization concluded on or about April 6, 2026 that files containing protected health information for a limited number of individuals were acquired without authorization. Notification letters began on May 21, reaching 266,183 people. The potentially impacted data may include names, Social Security numbers, government-issued ID numbers, financial information, and medical and health insurance details. Individuals with Social Security numbers were offered complimentary credit monitoring.
"After an extensive forensic investigation and manual document review, RAR's investigation concluded on or about April 6, 2026, that files containing protected health information pertaining to a limited number of individuals were acquired in an unauthorized manner as a result of the incident, the organization says."
"On May 21, RAR started sending notification letters to the potentially impacted individuals. According to the organization's filing with the Maine Attorney General's Office, 266,183 people are receiving such letters."
"Notified individuals have been provided with best practices to protect their information, and individuals whose Social Security numbers were contained in the impacted files have been offered complimentary credit monitoring, RAR's incident notice reads."
"According to a listing on the Texas AGO's website, government-issued ID numbers, financial information (including credit or debit card numbers), and medical and health insurance details were likely stolen in the attack."
#healthcare-data-breach #protected-health-information #cybersecurity-incident #notification-letters #identity-and-financial-data
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]