U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Radiology Associates of Richmond data breach impacts 1.4 million people

A data breach at Radiology Associates of Richmond has exposed the personal and health information of over 1.4 million individuals. Radiology Associates of Richmond has disclosed a data breach that impacted personal and health information of over 1.4 million individuals. Radiology Associates of Richmond (RAR) is a private radiology practice founded in 1905 and based […]

Radiology Associates of Richmond

A data breach at Radiology Associates of Richmond has exposed the personal and health information of over 1.4 million individuals.

Radiology Associates of Richmond has disclosed a data breach that impacted personal and health information of over 1.4 million individuals.

Radiology Associates of Richmond (RAR) is a private radiology practice founded in 1905 and based in central Virginia. With over 100 years of continuous operation, RAR provides comprehensive diagnostic and interventional imaging services, including X‑rays, CT scans, MRI, ultrasound, mammography, nuclear medicine, and advanced vascular and neuro‑interventional procedures, across several hospital and outpatient facilities in the Richmond area.

The organization discovered that threat actors gained access to its systems between April 2 and 6, 2024. The investigation confirmed on May 2, 2025, that the security breach exposed protected health and personal information. The practice quickly secured its network with the help of external cybersecurity experts and is assessing the impact.

“As a result of a cybersecurity incident, RAR has learned that an unauthorized actor gained access to its network environment. Upon learning of this issue, we immediately worked to contain the threat and secure our internal environment. We commenced a prompt and thorough investigation into the incident and worked very closely with external cybersecurity professionals experienced in handling these types of situations to help determine whether any personal or sensitive data had been compromised as a result of this incident.” reads the Notice of Data Security Incident published by the company. “After an extensive forensic investigation and complex manual document review, RAR discovered on May 2, 2025 that the impacted systems, which were accessed between April 2, 2024 through April 6, 2024, contained identifiable protected health and personal information.”

Radiology Associates of Richmond has no evidence of misuse of the compromised data. However, starting July 1, 2025, they notified affected individuals and offered credit monitoring to those whose Social Security numbers were compromised. The organization recommends that impacted individuals stay vigilant by monitoring their financial and medical statements for any suspicious activity.

RAR is offering complementary credit monitoring services to the impacted patients.

According to the Department of Health and Human Services (HHS), the security breach impacted 1,419,091 people.

Radiology Associates of Richmond

At this time, no known ransomware group has claimed responsibility for the attack. 

This week, Anne Arundel Dermatology (AAD) reported a data breach involving unauthorized access to its systems between February 14 and May 13, 2025. The incident impacted more than 1.9 million individuals.

This week, Stormous ransomware group claimed the theft of personal and health data belonging to 600,000 patients from health provider North Country HealthCare.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, RAR)