Central Kentucky Radiology (CKR), a radiology services provider, is alerting around 167,000 individuals that their personal data was compromised during a cyberattack in October 2024
The breach was discovered after certain systems on CKR’s network were disrupted. An investigation revealed that a threat actor gained access between October 16 and October 18, 2024, and copied files from the network.
By May 7, 2025, CKR completed its review of the stolen data and confirmed that the exposed information included names, addresses, birth dates, Social Security numbers, dates of medical service, and service charges.
The organization reported the incident to law enforcement and relevant authorities. On June 13, CKR began sending out notification letters to those affected. In a notice filed with the Vermont Attorney General’s Office, CKR stated it has not found evidence of any actual or attempted misuse of the data but is informing individuals out of caution.
According to a report to the U.S. Department of Health and Human Services, the breach affected 166,953 people. CKR is offering one year of free credit monitoring and has advised affected individuals to monitor their financial accounts closely and report any suspicious activity to their banks or credit card providers.
Although CKR has not confirmed the exact nature of the attack, the system disruption indicates it may have been a ransomware incident.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
