Radiology Associates of Richmond (RAR) has disclosed a data breach impacting the protected well being data of 266,000 people.
Based on the healthcare group’s incident discover, the data breach occurred on or about July 25, 2025, when hackers accessed its inner programs.
RAR didn’t say when the intrusion was found, however stated that it labored with exterior cybersecurity consultants to comprise the assault and examine its scope.
“After an in depth forensic investigation and handbook doc assessment, RAR’s investigation concluded on or about April 6, 2026, that information containing protected well being data pertaining to a restricted variety of people had been acquired in an unauthorized method because of the incident,” the group says.
On Could 21, RAR began sending notification letters to the doubtless impacted people. Based on the group’s submitting with the Maine Lawyer Basic’s Workplace, 266,183 individuals are receiving such letters.
RAR’s incident discover and the redacted letter samples submitted to authorities in a number of states recommend that names, Social Safety numbers, and different data may need been compromised. Nonetheless, they don’t present full particulars on the affected knowledge.
Based on an inventory on the Texas AGO’s web site, government-issued ID numbers, monetary data (together with credit score or debit card numbers), and medical and medical health insurance particulars had been doubtless stolen within the assault.
“Notified people have been supplied with finest practices to guard their data, and people whose Social Safety numbers had been contained within the impacted information have been provided complimentary credit score monitoring,” RAR’s incident discover reads.
In July 2025, the Richmond, Virginia-based medical imaging providers supplier notified the US Division of Well being and Human Providers (HHS) that the non-public data of 1.4 million individuals was stolen in an April 2024 data breach.
