Essential Insights
- Doctors Imaging Group experienced a data breach from November 5-11, 2024, exposing sensitive patient information for over 171,000 individuals.
- Hackers accessed and copied files containing personal, medical, and financial data, including Social Security numbers and medical records.
- The organization’s investigation concluded in August 2025; it is unclear if a ransomware group was responsible.
- While large-scale, such healthcare data breaches are common and can impact many patients.
The Issue
Doctors Imaging Group, a radiology practice operating in Palatka and Gainesville, Florida, recently disclosed that it experienced a significant data breach nearly a year earlier, from November 5 to November 11, 2024. Hackers gained unauthorized access to the organization’s network during this period, copying sensitive files. An investigation, completed by late August 2025, revealed that over 171,000 individuals’ personal and medical information—including names, addresses, Social Security numbers, financial details, and medical records—had been compromised. The breach’s perpetrator remains unidentified, and it is unclear whether a ransomware group was involved. This incident underscores a common pattern in healthcare data breaches, which frequently affect large populations, and was reported to the U.S. Department of Health and Human Services by the organization, highlighting ongoing concerns about data security within medical practices.
Potential Risks
Doctors Imaging Group, a radiology provider operating in Florida, experienced a significant cyber breach nearly a year ago, between November 5-11, 2024, resulting in hacker access to its network and the theft of sensitive data from over 171,000 individuals. The breach compromised personal identifiers—including names, addresses, Social Security numbers, financial and medical information—and was only fully assessed after an investigation concluded in late August 2025. Although it remains uncertain whether the attack involved ransomware or was targeted by specific cybercriminal groups, the incident underscores the pervasive threat of cyber risks in healthcare, where such breaches can lead to severe consequences like identity theft, financial fraud, and erosion of patient trust. The high volume of affected patients emphasizes the ongoing vulnerability of medical data, requiring healthcare entities to bolster cybersecurity measures to protect sensitive information from evolving cyber threats.
Possible Remediation Steps
In an age where personal health information is both sensitive and essential, addressing data breaches promptly is crucial to prevent further harm and restore trust.
Immediate Actions
- Notify affected individuals and relevant authorities without delay.
- Conduct a thorough investigation to determine the breach source.
- Revoke compromised access credentials and strengthen authentication protocols.
Preventative Strategies
- Implement robust encryption for stored and transmitted data.
- Regularly update security systems and patches.
- Provide staff training on cybersecurity best practices.
Long-term Measures
- Develop comprehensive incident response plans.
- Conduct routine security audits and risk assessments.
- Engage cybersecurity experts for ongoing monitoring and improvements.
Continue Your Cyber Journey
Stay informed on the latest Threat Intelligence and Cyberattacks.
Explore engineering-led approaches to digital security at IEEE Cybersecurity.
Disclaimer: The information provided may not always be accurate or up to date. Please do your own research, as the cybersecurity landscape evolves rapidly. Intended for secondary references purposes only.
Cyberattacks-V1
