SimonMed Imaging Data Breach: 1.27 Million Patients Impacted Across 10+ States

Woods Lonergan PLLC is a nationally recognized complex commercial and civil litigation firm that represents clients in select data breach class actions nationwide. Our Data Breach Lawyers have a proven record of holding national corporations, educational institutions, and technology vendors accountable when failures in cybersecurity expose the sensitive personal, financial, and educational information of consumers and businesses.

SimonMed Imaging, headquartered in Scottsdale, Arizona, has begun notifying patients that a January 2025 cyberattack exposed protected health information for approximately 1,275,669 individuals. SimonMed is one of the largest outpatient medical imaging providers in the U.S., operating 170+ facilities across 10–11 states. Notification letters began mailing October 10, 2025. The HIPAA Journal+1

---

What You Should Do If You Receive a SimonMed Imaging Data Breach Letter

If you received a data breach notification letter or email from SimonMed—or a suspicious email or text referencing your medical care—your personal information may already be at risk.

Call Our Data Breach Lawyers 24/7 at (332) 378-0376 or email loganlowe@woodslaw.com for a free and confidential consultation. Woods Lonergan takes no fees unless we win.

Who Was Impacted by the SimonMed Imaging Data Breach

• Total affected: Approximately 1,275,669 patients nationwide 
• Detection: SimonMed was alerted by a vendor on January 27 and discovered suspicious activity on January 28
• Threat actor: Medusa ransomware group, which claimed responsibility for the attack and published proof-of-breach samples online
• Unauthorized access window: January 21 – February 5, 2025
• Notification letters to impacted patients began mailing October 10, 2025.

Types of Data Potentially Exposed

• Identity and contact information: Name, Address, Date of Birth
• Care details:
  • Dates of Service
  • Provider Name
  • Medical Record Number or Patient Number
• Medical information:
  • Medical Condition
  • Diagnosis or Treatment Information
  • Prescribed Medications
  • Medical Imaging Data
  • Health Insurance Information
• Identification and financial data:
  • Driver’s License Number
  • Government-issued Identification (e.g., state ID, tax ID)

“Medusa ransomware announced SimonMed Imaging on its extortion portal… claiming it had stolen 212 GB of data and posting proof files, including ID scans, patient spreadsheets, payment details, balances, medical reports, and raw scans. The group demanded $1 million.” — BleepingComputer. BleepingComputer

If you received a data breach notification letter or email from SimonMed—or a suspicious email or text referencing your medical care—your personal information may already be at risk.

Call Our Data Breach Lawyers 24/7 at (332) 378-0376 or email loganlowe@woodslaw.com for a free and confidential consultation. Woods Lonergan takes no fees unless we win.

Where SimonMed Imaging Operates and What Services It Provides

SimonMed Imaging is one of the largest outpatient medical imaging providers in the United States, operating more than 170 accredited facilities across Arizona, California, Colorado, Florida, Illinois, Kentucky, Nevada, New York, Texas, and Wisconsin.

Each SimonMed facility specializes in advanced diagnostic and preventive imaging, offering a full suite of radiology services designed for accessibility and affordability. Patients may receive:

• MRI and CT (CAT) Scans for diagnostic and neurological imaging
• Ultrasound and X-Ray for general, obstetric, and musculoskeletal evaluations
• Breast Imaging and Mammography for preventive and diagnostic care
• Nuclear Medicine, PET/CT, and Bone Density (DEXA) Testing
• Fluoroscopy and Interventional Radiology procedures
  

If Hackers Stole Your Data in the SimonMed Breach

Even without confirmed misuse, stolen data can surface later. Take immediate steps:

• Enroll in free credit/identity monitoring provided in your letter.
  2025-10-10 SimonMed Imaging Dat…
• Monitor EOBs, medical bills, and patient portals for unfamiliar services or balances.
• Watch for phishing that references your provider, exam type, or appointment date.
• Consider a fraud alert or credit freeze with major bureaus.
  2025-10-10 SimonMed Imaging Dat…
  

Contact the Data Breach Lawyers at Woods Lonergan at (332) 378-0376 to understand your legal options and potential recovery.

---

Why the SimonMed Imaging Data Breach Matters

This incident is serious because of both scale and sensitivity:

• Scope: Over 1.27 million patients across double-digit states. The HIPAA Journal
• Sensitive medical data: Condition, diagnosis/treatment, imaging-related information, insurance details, plus identifiers (MRN, DL). The HIPAA Journal
• Ransomware attribution: Medusa claimed the attack and previously posted “proof-of-breach” data (ID scans, patient spreadsheets, balances, reports, raw scans). BleepingComputer

How stolen information is weaponized:

• Phishing & impersonation targeting patients via email, text, or phone.
• Identity theft using DOB, driver’s license, and linked identifiers.
• Fraudulent credit applications or account takeovers with combined demographic and insurer data.
• Medical identity theft—fraudulent claims or access to services using patient identifiers. BleepingComputer
  

---

Potential Legal Issues in the SimonMed Imaging Data Breach

Woods Lonergan is evaluating claims including:

• HIPAA violations — alleged failure to protect PHI.
• Negligence — inadequate detection/response and vendor risk controls.
• Failure to notify timely — incident in January; mailed notices in October. The HIPAA Journal
• Breach of implied contract — patients entrusted sensitive medical data with an expectation of reasonable security.
• Unjust enrichment — retention/use of data without adequate safeguards.
  

---

About Woods Lonergan PLLC

Woods Lonergan PLLC is a nationally recognized plaintiff firm specializing in complex civil litigation, including class action, data privacy, and cybersecurity matters. We have a proven track record of successfully holding corporations accountable for data breaches and protecting the rights of consumers. Our firm is currently representing plaintiffs in open litigation for numerous significant data breaches in 2025, including cases involving Powerschool, Ahold Delhaize, Aflac Insurance, Allianz Insurance, Johnson Controls, Community Health Center, Columbia University, DISA Global Solutions, and New Haven Health. Notably, in 2025, Woods Lonergan settled the 23andMe Data Breach Lawsuit for $30 million in the Northern District of California and reached a multi-million dollar settlement in the Sunflower Medical Group data breach case in the U.S. District Court for the District of Kansas.

Our Data Breach Litigation Team is committed to ensuring victims of the SimonMed Imaging Data Breach receive the justice they deserve.

Act Now If You Were Impacted by the SimonMed Imaging Data Breach

If you received a data breach letter from SimonMed—or see unfamiliar activity in your medical or financial records—don’t wait.

Call Woods Lonergan 24/7 at (332) 378-0376 or email loganlowe@woodslaw.com. We only get paid if we win compensation for you.

---

FAQs About the SimonMed Imaging Data Breach

Q: Who was affected by the SimonMed Imaging breach?

A: Approximately 1,275,669 patients across double-digit states. Twenty – two residents were identified in Maine filings. The HIPAA Journal

Q: What personal information was revealed?

A: Potentially name, address, birth date, dates of service, provider name, MRN/patient number, medical condition, diagnosis/treatment details, medications, health insurance information, and driver’s license numbers. The exact data varies by patient. The HIPAA Journal

Q: When did the breach occur and how long did hackers have access?

A: Unauthorized access occurred January 21–February 5, 2025. A vendor alerted SimonMed on January 27 and detected suspicious activity January 28. BleepingComputer

Q: Who is responsible for the attack?

A: The Medusa ransomware group claimed responsibility and posted “proof-of-breach” data in February 2025, then later removed the listing. BleepingComputer

Q: What steps is SimonMed offering patients?

A: SimonMed is providing complimentary identity protection (Experian IdentityWorks) and outlines additional protective steps in its notification.

Q: Where does SimonMed operate and what services does it provide?

A: SimonMed operates 170+ outpatient imaging centers across Arizona, California, Colorado, Florida, Illinois, Kentucky, Nevada, New York, Texas, and Wisconsin. Services include Bone Density (DEXA), Breast Imaging, CT/CT-Angio, Fluoroscopy, MRI, Nuclear Medicine, PET/CT, Ultrasound, and X-ray, among others. BleepingComputer

Q: What should I do if I receive a data breach letter?

A: Activate the monitoring code in your letter, review EOBs and bills for unfamiliar charges, monitor credit, and consider a fraud alert or credit freeze. (Instructions and FTC resources are included in SimonMed’s letter.)

Q: Can I be a named plaintiff in a SimonMed Imaging data breach lawsuit?

A: Yes. If your data was exposed and you experienced harm—phishing, fraud, medical identity theft, time spent mitigating—you may qualify as a named plaintiff or class member. We can assess eligibility.

---

Sources

• HIPAA Journal — “SimonMed Imaging: 1.27M Individuals Affected by January 2025 Cyberattack.” The HIPAA Journal
• BleepingComputer — “SimonMed says 1.2 million patients impacted in January data breach.” BleepingComputer
• SecurityWeek — “SimonMed Imaging Data Breach Impacts 1.2 Million.” SecurityWeek
• SimonMed Imaging Data Breach Notification Attorney General’s Office California