- SimonMed Imaging lost sensitive data of 1.2 million people in ransomware attack
- Medusa claimed responsibility and demanded $1 million to delete 212 GB of stolen patient data
- Victims Offered Free Credit Monitoring and Identity Theft
SimonMed Imaging, a large US provider of outpatient radiology and medical imaging, suffered a cyberattack resulting in the loss of sensitive data of more than one million people.
The company filed a report with the Maine Attorney General’s Office, in which it also shared a sample of the data breach notification letter it has been sending to affected customers. In it, it said that in late January 2025, one of its suppliers notified it of an ongoing security incident.
The next day, SimonMed discovered “suspicious activity” on its own network and attempted to thwart the attack by resetting the password, setting up two-factor authentication (2FA), implementing endpoint detection and response monitoring, and removing all direct third-party vendor access to its systems.
Concrete action
But when this was done, it was too late. Between January 21 and February 5, 2025, cybercriminals exfiltrated sensitive data of 1.2 million people, SimonMed said. He only said that the criminals stole people’s names and other “data elements.”
At the same time, Medusa ransomware operators claimed responsibility for the attack and claimed that they had captured 212GB of various data, including ID scans, spreadsheets with patient details, payment details, account balances, medical reports, and even raw scans.
The attackers also demanded $1 million to delete the data and $10,000 to extend the publication deadline by one day.
Now, the company has been removed from the data breach site, which would suggest that SimonMed Imaging paid the ransom demand. This has not yet been confirmed (or denied) and does not necessarily mean that the organization has paid the full sum.
The relevant authorities were notified of the incident and external cybersecurity experts were brought in to assess the damage and assist with the post-mortem. At the same time, victims are offered free credit monitoring and identity theft services through Experian.
Through beepcomputer
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
