SimonMed Data Breach Compromises 1.2 Million Patients’ Sensitive Information

SimonMed Imaging confirmed a cybersecurity breach that exposed the personal information of approximately 1.28 million patients.

The incident, which occurred on January 21, 2025, and was discovered a week later, underscores the persistent threat to healthcare data security and the urgent need for robust protective measures across the industry.

Breach Details and Scope

SimonMed Imaging, a Scottsdale, Arizona–based provider of diagnostic imaging services, experienced an external system breach classified as hacking that compromised names and other personal identifiers in combination with additional personal data.

According to the notification submitted by attorney Daniel Greene of Octillo Law PLLC, the total number of affected individuals stands at 1,275,669, including 22 Maine residents.

The breach did not reveal Social Security numbers or financial account information; however, the exposed data may include dates of birth, addresses, and medical record numbers, heightening the risk of identity theft and targeted phishing campaigns.

The intrusion began on January 21, 2025, and remained undetected until January 28, 2025. Attackers exploited a vulnerability in SimonMed’s external-facing systems, though the company has not publicly attributed the breach to any known software flaw or CVE.

As of the notification, no identity theft protection services have been offered to affected individuals.

SimonMed Imaging issued written notifications to impacted patients on October 10, 2025.

These letters provided details of the breach and instructions on monitoring personal accounts for signs of misuse.

In compliance with Maine’s data breach notification law, the company supplied a sample notification letter to the Maine Attorney General’s office, confirming that consumer reporting agencies were duly informed, given the limited number of state residents affected.

The breach notification filing lists SimonMed’s corporate address at 16220 N Scottsdale Road, Suite 600, Scottsdale, AZ 85254, and provides contact information for attorney Daniel Greene, who represents affected parties.

The firm has pledged to cooperate fully with regulatory bodies and to implement enhanced security controls to prevent future incidents.

Technical Analysis and CVE Table

While no specific CVE has been cited by SimonMed Imaging, healthcare organizations are increasingly targeted via vulnerabilities in remote access, web applications, and outdated server software.

The table below summarizes the breach’s known technical attributes and highlights the absence of a recorded CVE reference.

Patients are advised to remain vigilant by regularly reviewing medical records, insurance statements, and credit reports for unauthorized activity.

While SimonMed has not offered identity protection services, individuals may consider enrolling independently in credit monitoring and identity theft prevention programs.

Healthcare providers must conduct comprehensive security audits, prioritize timely patch management, and employ advanced threat detection tools.

Regular penetration testing and staff cybersecurity training are critical to mitigating the risk of external system compromises.

Continuous monitoring of network traffic and immediate investigation of anomalies can help identify intrusions before data exfiltration occurs.

The SimonMed breach serves as a stark reminder of the evolving tactics employed by cybercriminals against healthcare entities.

Proactive security measures, combined with transparent incident response protocols, remain essential for safeguarding sensitive patient information and maintaining public trust.

Cyber Awareness Month Offer: Upskill With 100+ Premium Cybersecurity Courses From EHA's Diamond Membership: Join Today