SimonMed Imaging Breach: Cybercriminals Steal Medical and Financial Data from 1.2M Patients
A devastating cyberattack has compromised the data of 1.2 million patients, with the medical imaging provider SimonMed Imaging at the center of the breach. The incident, attributed to the Medusa ransomware group, highlights the growing trend of cybercriminals targeting sensitive information from healthcare institutions.
The breach was first identified in January 2025 when one of SimonMed’s vendors alerted the company to potential security threats. Despite immediate response measures like resetting passwords and enhancing security protocols, the attackers had already infiltrated the system. Between January 21 and February 5, 2025, cybercriminals exfiltrated data, reportedly stealing over 200 GB of information, including patient IDs, financial records, and medical scans. The Medusa group claimed responsibility and demanded a ransom of $1 million for data deletion or $10,000 per day for delay in publishing the stolen information.
SimonMed’s removal from the Medusa leak site suggests a potential ransom payment, although the company has not officially confirmed this. In response, SimonMed has enlisted cybersecurity experts to conduct a thorough investigation and is providing free credit monitoring services to affected individuals to mitigate the risks of identity theft and financial fraud.
The leaked data has significant implications, as it includes highly sensitive information such as identity documents and medical records, which can be exploited for various fraudulent activities. The breach underscores the critical need for robust cybersecurity measures in the healthcare sector, where the exposure of personal and medical data can have far-reaching consequences for both patients and providers.
Experts warn that the impact of such breaches extends beyond immediate financial loss, as stolen data can circulate indefinitely on dark web marketplaces. This highlights the importance of proactive measures, including regular monitoring of financial and medical records, use of strong passwords, and leveraging identity protection services to reduce the risk of long-term damage from data breaches.
As cyber threats continue to evolve, the cybersecurity landscape must adapt to protect sensitive information, particularly in sectors where the stakes are high and the consequences of a breach can be severe. The SimonMed Imaging breach serves as a stark reminder of the urgent need for enhanced security protocols and increased awareness among individuals to safeguard their personal data from increasingly sophisticated cyber threats.