Doctors Imaging Group Data Breach Exposes Information of Over 170,000 Individuals

Florida-based healthcare services provider Doctors Imaging Group said it experienced a data security incident that compromised the sensitive personal information of more than 170,000 individuals.

 

Based in Palatka and Gainesville, Florida, Doctors Imaging Group is a physician-owned radiology practice offering comprehensive radiology services. The practice includes 20 diagnostic radiologists, 5 interventional radiologists, and 5 interventional physician assistants.

 

In a data security incident published on its website, DIG said that last year it experienced a network disruption impacting critical systems. The radiology practice immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

It also took steps to contain the impact of the network intrusion and notified law enforcement about the same.

 

“The investigation determined the network had been accessed by unknown actors between November 5, 2024 and November 11, 2024, and during this time files were copied,” DIG said.

 

The compromised data included names, addresses, dates of birth, Social Security numbers, admission dates, financial account numbers, financial account types, patient account numbers, medical record numbers, health insurance information, medical treatment information and medical claim information.

 

The incident was reported to the U.S. Department of Health and Human Services Office for Civil Rights, where DIG said it has identified at least 171,862 individuals impacted by the incident.

 

“We moved quickly to respond and investigate the suspicious activity, assess the security of our network, and notify potentially impacted individuals. We notified federal law enforcement and relevant regulatory authorities. 

 

“As part of our ongoing commitment to information security, we are currently reviewing our policies and procedures, as well as assessing new cybersecurity tools, to reduce the risk of a similar incident from occurring in the future,” DIG added.

 

The radiology practice has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and the state attorney general. 

 

At the time of publishing, no known hacker group claimed responsibility for the cyber attack on DIG. The healthcare service provider also did not share details on who was behind the attack, how much data was compromised, or whether it had received a ransom demand.