- SimonMed Imaging lost sensitive data on 1.2 million people in ransomware attack
- Medusa claimed responsibility, demanding $1 million to delete 212 GB of stolen patient data
- Victims Receive Free Identity Theft and Credit Monitoring
SimonMed Imaging, a leading US provider of medical imaging and outpatient radiology, suffered a cyberattack that caused it to lose sensitive data on more than a million people.
The company filed a report with the Maine Attorney General’s Office, in which it also shared a sample of the data breach notification letter it sent to affected customers. It states that at the end of January 2025, one of its suppliers informed it of a security incident in progress.
The next day, SimonMed discovered “suspicious activity” on its own network and attempted to thwart the attack by resetting the password, setting up two-factor authentication (2FA), implementing endpoint detection and response monitoring, and removing all direct third-party vendor access to its systems.
Concrete actions
But by the time that was done, it was already too late. Between January 21 and February 5, 2025, cybercriminals exfiltrated sensitive data on 1.2 million people, SimonMed said. It only states that the criminals stole people’s names and other “data elements.”
At the same time, Medusa ransomware operators claimed responsibility for the attack and said they recovered 212 GB of various data, including identity scans, spreadsheets containing patient details, payment details, account balances, medical reports and even raw scans.
The attackers also demanded $1 million to delete the data and $10,000 to extend the release deadline by one day.
Now, the company has been removed from the data leak site, suggesting that SimonMed Imaging paid the ransom demand. This has not yet been confirmed (nor denied), and it does not necessarily mean that the organization paid the full amount.
The relevant authorities have been informed of the incident and third-party cybersecurity experts have been requested to assess the damage and assist with the post-mortem. At the same time, victims are offered free identity theft and credit monitoring services through Experian.
Via BeepComputer
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
