In July 2025, Radiology Associates of Richmond suffered a data breach resulting in unauthorized access to internal systems and theft of files containing protected health information for about 266,000 individuals. The stolen data reportedly includes personally identifiable information such as names, Social Security numbers, government-issued IDs, financial data including credit/debit card numbers, and medical insurance details. The organization engaged external cybersecurity experts to contain and investigate the incident, completing the investigation by April 2026. Notifications to affected individuals began in May 2026, with credit monitoring services offered to those whose Social Security numbers were compromised. This breach follows a prior incident in April 2024 affecting 1.4 million people.

The breach exposed sensitive personal and protected health information of over 266,000 individuals, including identifiers that could facilitate identity theft and financial fraud. The compromise of Social Security numbers, government-issued IDs, and financial information increases the risk of misuse of this data. The healthcare provider's reputation and regulatory compliance posture may also be adversely affected.

No specific patch or technical remediation is indicated as this is a data breach incident rather than a software vulnerability. Radiology Associates of Richmond has contained the attack and completed a forensic investigation. Affected individuals have been notified and offered credit monitoring services. Organizations should continue to monitor for unauthorized activity and follow best practices for protecting sensitive data. Patch status is not applicable; check for any updates from the organization or authorities regarding further mitigation or regulatory actions.