Northwest Radiologists data breach hits 350,000 in Washington

A January 2025 breach at Northwest Radiologists exposed data of 350,000 Washington State residents, the company confirmed.

A data breach at Northwest Radiologists in January 2025 has exposed the personal information of 350,000 residents of Washington State, the company has confirmed.

The security breach occurred on January 25, 2025 and caused “network disruption” at the organization.

Northwest Radiologists discovered unauthorized access occurring from January 20–25. They quickly notified law enforcement and started an investigaton with the help of third-party experts. A detailed review confirmed that personal data was accessed, and affected individuals are now being notified following verification of contact details.

“On or about January 25, 2025, Northwest Radiologists experienced a network disruption that impacted certain systems. Upon discovery, we took immediate action to address and investigate the event, which included contacting law enforcement and engaging third-party specialists to assist with determining the nature and scope of the event.” reads the notice sent to the Washington State Attorney General’s Office. “A thorough investigation determined that certain information stored on our network was subject to unauthorized access from January 20, 2025 to January 25, 2025.”

Potentially compromised information include customers first and last name, in combination one or more of the following: address information, telephone number, date of birth, email address, Social Security number, driver’s license or state identification card number, treatment or diagnosis information, provider name, medical record number or patient identification number, health insurance information, and/or treatment cost information. The company pointed out that they currently have no reason to believe that your information has been or will be misused as a result of this incident.

Northwest Radiologists hasn’t shared details about the type of cyberattack, but the disruption suggests it may have involved ransomware. No group has claimed responsibility so far.

The radiology services provider announced it had secured its infrastructure following the incident and added new safeguards. According to the notice sent to the Washington State Attorney General’s Office, 348,118 Washingtonians were impacted by the attack.

They’re also offering free credit and ID protection to the impacted individuals.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)