SimonMed Imaging Patient Data Breach (October 2025)

Medical imaging provider SimonMed Imaging was hit by the Medusa ransomware group, who exfiltrated sensitive health records of 1.2 million patients, including medical histories and Social Security numbers. The attack stemmed from inadequate endpoint protection, allowing hackers to roam undetected for weeks before demanding $1 million. This not only delayed patient care but also exposed individuals to fraud and blackmail. The takeaway on ease of theft: Healthcare's reliance on legacy systems makes it a soft target; cybercriminals can steal irreplaceable personal data in minutes via malware hidden in routine file shares.