One of the largest medical imaging providers in the US, SimonMed Imaging, has disclosed that a ransomware attack resulted in a data breach impacting over 1.2 million individuals.
The Scope of the Attack
The Arizona-based healthcare organization, which operates more than 170 facilities across 10 states, initially discovered a breach at one of its vendors in late January 2025. A subsequent internal investigation revealed that SimonMed’s own network had also been compromised. Hackers had access to the company's systems between January 21 and February 5.
The Medusa ransomware group claimed responsibility for the attack on February 10, asserting they stole more than 200 GB of data and demanded a million ransom.
Compromised Sensitive Data
The investigation confirmed that the attackers managed to steal an extensive range of highly sensitive information, including:
- Personal Identifiable Information (PII): Name, address, date of birth, driver's license number, government-issued ID, Social Security Number (SSN), and authentication credentials.
- Financial Data: Financial account numbers.
- Medical Information: A wide variety of health insurance and medical details.
Although SimonMed’s initial public disclosure in March indicated only 500 individuals were affected, the company recently notified the Maine Attorney General that the incident actually compromised the data of well over 1.2 million people. While SimonMed stated there is no evidence the stolen information has been used for fraud or identity theft, the risk remains significant, as ransomware groups typically leak or sell such highly valuable data to other cybercriminals.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
