Doctors Imaging Group, a healthcare provider based in Florida, has reported a significant data breach that exposed the sensitive personal and medical information of over 171,800 individuals.
The incident, classified as a “Hacking/IT Incident,” involved unauthorized access to the organization’s network server, leading to the compromise of a wide range of highly sensitive data.
According to the company’s notice, the breach occurred over a one-week period between November 5, 2024, and November 11, 2024. During this time, unauthorized actors gained access to the provider’s computer network and copied files containing patient information.
Doctors Imaging Group became aware of suspicious activity and immediately launched an investigation to determine the scope of the intrusion.
The comprehensive review of the affected files to identify the specific information compromised and the individuals involved was a lengthy process, concluding nearly ten months later on August 29, 2025. The breach was officially reported to the relevant authorities on September 24, 2025.
Breach Timeline And Discovery
The investigation confirmed that a significant amount of both Protected Health Information (PHI) and Personally Identifiable Information (PII) was exposed.
The compromised data includes patient names, addresses, dates of birth, and Social Security numbers. Furthermore, detailed medical and financial information was also involved, such as patient account numbers, medical record numbers, admission dates, health insurance details, medical treatment information, and medical claim information.
Financial data, including financial account numbers and account types, was also part of the breach, placing affected individuals at a heightened risk of identity theft and financial fraud.
In response to the incident, Doctors Imaging Group has stated it took immediate action to investigate the suspicious activity and assess the security of its network.
The company notified federal law enforcement and other regulatory authorities about the breach. Notification letters are being sent to all individuals whose information was compromised and for whom address information is available.
As part of its remediation efforts, the healthcare provider is reviewing its internal security policies and procedures and is evaluating new cybersecurity tools to prevent similar incidents in the future.
The company advises all potentially impacted individuals to remain vigilant by carefully reviewing their account statements, explanation of benefits statements, and credit reports for any signs of suspicious activity.
Any detected errors or fraudulent activity should be promptly reported to the relevant financial institution, insurance company, or healthcare provider.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
