Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

SimonMed Imaging hit by network compromise

Incident
First reported
Last updated
Happening score
H score 30
1 unique sources, 1 articles

Summary

Hide ▲

SimonMed Imaging disclosed a January 21 to February 5, 2025 breach that let attackers access its network and affected more than 1.2 million people. The compromise matters because the company said sensitive information was exposed and it notified law enforcement while containing the intrusion. SimonMed responded with password resets, multifactor authentication, EDR monitoring, and tighter network access controls. The disclosure leaves patients facing identity-theft risk even though the company said it had no evidence of misuse as of October 10.

Related Happenings

Cookeville Regional Medical Center patient records leak

Data Leak
First: 16.04.2026 18:01 Last: 16.04.2026 18:01 Sources 1

About this happening: **Cookeville Regional Medical Center** disclosed a **data leak** affecting **337,917 patients**, exposing personal and medical records and raising identity-theft risk. Files were...

Open Happening

Cookeville Regional Medical Center (CRMC) hit by ransomware attack

Incident
First: 16.04.2026 15:40 Last: 16.04.2026 15:40 Sources 1

About this happening: The **Cookeville Regional Medical Center (CRMC)** suffered a **ransomware attack** that caused a network intrusion and a major **data breach** affecting more than **337,000 indivi...

Latest development: 16.04.2026 18:01

Rhysida claimed responsibility for the Cookeville Regional Medical Center ransomware intrusion on August 2, 2025, demanded 10 Bitcoin worth roughly $1.15m, and posted sample files on its dark web leak site.

Open Happening

INC New Zealand healthcare data leak

Data Leak
First: 12.03.2026 00:00 Last: 12.03.2026 00:00 Sources 1

About this happening: **INC** stole and later published data from a **healthcare organization in New Zealand**, exposing a large amount of information and escalating the event from intrusion to leak pu...

Open Happening

DoorDash hit by network compromise

Incident
First: 14.11.2025 06:38 Last: 14.11.2025 06:38 Sources 1

About this happening: DoorDash disclosed a **cybersecurity incident** that exposed **user contact information** after an **unauthorized third party** gained access to account-linked data. The affected...

Open Happening

SimonMed Imaging patient data leak

Data Leak
First: 13.10.2025 23:12 Last: 13.10.2025 23:12 Sources 1

How related: The hackers also leaked some data, as proof of the attack, consisting of ID scans, spreadsheets with patient details, payment details, and account balances, medical reports, and raw scans.

About this happening: **SimonMed Imaging** exposed patient and medical records after **attackers leaked sample files** tied to a January breach, increasing privacy and identity-theft risk for **more th...

Open Happening

Timeline

  1. 13.10.2025 23:12 1 articles · 7mo ago

    Unauthorized access begins at SimonMed Imaging

    Exploitation Observed

    Attackers gained unauthorized access to SimonMed Imaging's network at the start of the stated compromise window, marking the beginning of a period in which they were later said to have maintained access through February 5.

    Show sources
    Open in new tab
  2. 13.10.2025 23:12 1 articles · 7mo ago

    Vendor alert brings the breach to SimonMed Imaging's attention

    Detection Ioc Update

    SimonMed Imaging learned about a security incident on January 27 after one of its vendors reported that it was experiencing a security incident, prompting the company to start an investigation.

    Show sources
    Open in new tab
  3. 13.10.2025 23:12 1 articles · 7mo ago

    SimonMed Imaging confirms suspicious activity on its network

    Technical Analysis Update

    After the vendor alert, SimonMed Imaging confirmed suspicious activity on its network on January 28 and continued its investigation into the compromise.

    Show sources
    Open in new tab
  4. 13.10.2025 23:12 1 articles · 7mo ago

    Medusa ransomware claims SimonMed Imaging and demands payment

    Attribution Update

    Medusa ransomware claimed SimonMed Imaging on its extortion portal on February 7, saying it had stolen 212 GB of data and demanding $1million plus $10,000 for a one-day extension before publishing stolen files.

    Show sources
    Open in new tab
  5. 10.10.2025 03:00 2 articles · 7mo ago

    SimonMed Imaging notifies more than 1.2 million individuals

    Victim Impact Update

    SimonMed Imaging circulated its breach notice on October 10, saying more than 1.2 million individuals were being notified, that it had no evidence the accessed information was misused for fraud or identity theft as of that date, and that recipients were offered free identity theft services through Experian.

    Show sources
    Open in new tab