VYPR
Breach · Published May 25, 2026 · 1 source

Radiology Associates of Richmond Data Breach Exposes 266,000 Patient Records

Threat actors stole files containing names and protected health information from Radiology Associates of Richmond, affecting approximately 266,000 individuals.

Radiology Associates of Richmond, a medical imaging practice serving central Virginia, has disclosed a data breach affecting approximately 266,000 individuals. The incident, which came to light in late May 2026, involved threat actors gaining unauthorized access to the organization's systems and exfiltrating files containing sensitive patient information, including names and protected health information (PHI).

The breach was detected after the organization identified suspicious activity within its network environment. An investigation launched with the assistance of external cybersecurity experts confirmed that an unauthorized party had accessed certain systems and removed files containing personal and medical data. While the full scope of the compromised information is still being assessed, the files are believed to include patient names, dates of birth, Social Security numbers, medical history details, radiology reports, and insurance information.

Radiology Associates of Richmond has begun notifying affected individuals by mail, as required under HIPAA breach notification rules. The organization is also offering complimentary credit monitoring and identity protection services to those whose Social Security numbers were exposed. In a public notice, the practice encouraged patients to remain vigilant against potential phishing attempts or fraudulent communications that might reference the stolen data.

The healthcare sector continues to be a prime target for cybercriminals due to the high value of medical records on the black market. Unlike financial data, which can be invalidated after a breach, medical histories, Social Security numbers, and insurance details remain useful for fraud and identity theft for years. This incident mirrors a broader trend of attacks against hospitals, clinics, and diagnostic centers, where ransomware and data theft have become persistent threats.

No ransomware group has publicly claimed responsibility for the Radiology Associates of Richmond breach, and the organization has not confirmed whether extortion demands were made. However, the theft of files containing PHI is consistent with the double-extortion tactics used by many modern cybercriminal groups, who not only encrypt systems but also exfiltrate data to pressure victims into paying ransoms.

Regulatory scrutiny is likely to follow. The Office for Civil Rights (OCR) within the U.S. Department of Health and Human Services may investigate whether Radiology Associates of Richmond had adequate security measures in place, particularly regarding access controls, network monitoring, and data encryption. HIPAA violation penalties can reach millions of dollars for large breaches involving patient data.

This breach adds to a growing list of healthcare data incidents in 2026, which have included other attacks on medical organizations; the American Lending Center breach, also from 2026, involved a lender rather than a healthcare provider. The frequency and scale of healthcare breaches underscore the urgent need for stronger cybersecurity investment in the sector, especially among smaller regional practices that may lack the resources of major hospital systems. Patients are advised to monitor their medical bills and Explanation of Benefits statements for any sign of fraudulent services rendered using their information.

Synthesized by Vypr AI