Data Breach at Doctors Imaging Group Exposes Sensitive Patient Information

Doctors Imaging Group, a Florida-based radiology practice with locations in Gainesville and Palatka, has disclosed a data breach affecting more than 171,000 individuals. 

The healthcare provider confirmed that hackers gained unauthorized access to its network between November 5 and November 11, 2024, during which time they copied files containing sensitive personal, financial, and medical information. 

According to a notice filed with the US Department of Health and Human Services (HHS) in September 2025, the exposed data includes names, dates of birth, Social Security numbers, medical records, and insurance details.

A long road to discovery

Doctors Imaging Group reported that suspicious activity was first detected in November 2024, prompting an internal investigation and the engagement of cybersecurity specialists to assess the scope of the intrusion. 

The organization finalized its investigation on August 29, 2025, and began sending notification letters to affected patients shortly after.

According to the company’s official statement, attackers accessed and exfiltrated files from the organization’s network servers. 

The data includes Protected Health Information (PHI) and Personally Identifiable Information (PII), such as patient account numbers, medical record identifiers, admission and treatment information, and limited financial account details. 

While the exact motive of the attack remains unknown, no ransomware group has publicly claimed responsibility as of early Oct. 2025.

The growing threat to healthcare

Healthcare organizations remain one of the most frequent targets of cyberattacks due to the high value of medical data on underground markets. 

Unlike stolen credit card information, which can be quickly invalidated, medical records and Social Security numbers offer long-term utility for identity theft and insurance fraud. 

In this case, the breadth of exposed information—from billing records to treatment data—places victims at significant risk of both financial exploitation and privacy violations.

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has logged this incident as a “Hacking/IT Incident,” aligning it with a growing trend of sophisticated cyber intrusions in the healthcare sector. 

In 2025 alone, hundreds of breaches affecting hospitals, imaging centers, and health insurers have exposed millions of patient records.

Response and remediation

Doctors Imaging Group said it has taken several steps to contain the incident and strengthen its cybersecurity posture. 

Upon discovering the intrusion, the organization immediately secured affected systems, notified federal law enforcement, and began implementing enhanced network monitoring. The company is also conducting a full review of its security infrastructure and policies to identify areas for improvement.

The organization is urging impacted individuals to remain vigilant for potential signs of misuse of their personal information. This includes monitoring financial accounts, reviewing health insurance Explanation of Benefits (EOB) statements, and obtaining free credit reports to check for suspicious activity.

What patients should do

Anyone affected by this breach can take some immediate steps to mitigate potential harm:

• Monitor accounts closely: Review bank and credit card statements for unauthorized transactions.
• Check insurance activity: Report unfamiliar claims or services to your health insurer.
• Use credit monitoring services: Consider placing a fraud alert or credit freeze with the three major credit bureaus.
• Be cautious of phishing: Scammers often exploit breach news to send fake notifications or “support” emails.

Broader implications

The Doctors Imaging Group incident is another reminder of the healthcare sector’s systemic cybersecurity weaknesses. As healthcare providers continue to digitize records and rely on interconnected systems, even mid-sized organizations face nation-state–level threats and financially motivated attackers.

The breach also highlights the importance of timely breach disclosure. The nearly ten-month delay between discovery and notification underscores ongoing challenges in forensic investigations, data mapping, and regulatory compliance within healthcare environments.

For both patients and providers, the takeaway is clear: protecting sensitive health data requires not only modern technical safeguards, like zero-trust, but also continuous vigilance and transparency.