Radiology practice SimonMed Imaging suffers apparent ransomware attack
SimonMed Imaging recently suffered an apparent ransomware attack, the Scottsdale, Arizona, radiology practice confirmed Thursday.
A company representative said the breach occurred last week, but SimonMed “interrupted” hackers and “no data was encrypted.” Clinical systems were not impacted by this “unauthorized activity,” Jenna Lloyd, chief marketing officer, told Radiology Business Thursday.
“To immediately contain the situation, we temporarily took some systems offline, resulting in some operational slowdowns,” she said by email, adding that SimonMed hired cybersecurity experts from Palo Alto Networks’ Unit42 to ensure its systems are secure. “We are fully operational, as we immediately remediated and contained the situation,” she said in a second message.
Founded in 2003, SimonMed employs about 200 radiologists working across 170 sites in 11 states.
SuspectFile.com first reported news of the data breach on Tuesday. Ransomware group Medusa apparently claimed responsibility for the cyberattack on the dark web, posting 45 proof files online. The hacker group had claimed it held over 212 GB of data from SimonMed and was seeking $1 million in Bitcoin with a deadline of Feb. 21, the outlet said.
Lloyd did not respond to a question about the report via email Thursday. SuspectFile claimed Medusa had access to 318,000 lines of data from SimonMed including Social Security numbers, medical records, corporate emails and diagnostic images. The radiology practice had not posted any public information about the cybersecurity incident as of late Thursday.
The cyberattack is one of several recently suffered by radiology practices over the past year. Pinehurst Radiology Associates in North Carolina reported a data breach earlier this month, as did University Diagnostic Medical Imaging in the Bronx, New York. Along with ransomware demands, some have been forced to issue hefty payments for purportedly failing to protect patient information. In October, East River Medical Imaging PC of New York was ordered to pay $1.85 million to settle a class action lawsuit stemming from a cyberattack.
Marty Stempniak has covered healthcare since 2012, with his byline appearing in the American Hospital Association's member magazine, Modern Healthcare and McKnight's. Prior to that, he wrote about village government and local business for his hometown newspaper in Oak Park, Illinois. He won a Peter Lisagor and Gold EXCEL awards in 2017 for his coverage of the opioid epidemic.