Radiology Associates of Richmond Data Breach Affects 1.6 Million People

Published
July 2, 2025
Updated
June 11, 2026
Radiology Associates of Richmond Data Breach Affects 1.6 Million People
Radiology Associates of Richmond

Radiology Associates of Richmond, Inc. (RAR) experienced a data breach that exposed both personally identifiable information (PII) and protected health information (PHI). An unauthorized actor infiltrated the RAR network and on May 2, 2025, an investigation revealed the cybersecurity incident occurred April 2, 2024, through April 6, 2024.

Exposed information may have included Social Security numbers, dates of birth, address information, financial account or payment card numbers, medical records and health insurance information. The data breach impacted an estimated 1,419,091 individuals.

The data breach was disclosed to the U.S. Department of Health and Human Services on July 1, 2025. Affected patients include 1,279 Massachusetts residents and 80 in Montana.

Radiology Associates of Richmond began notifying affected individuals on July 1, 2025, and published a Notice of Data Security Incident on its own website. The data breach was also disclosed to the California, Massachusetts, Washington, Montana and Vermont attorneys general offices starting on July 1, 2025.

Radiology Associates of Richmond's response

In additional to required state disclosures, Radiology Associates of Richmond is offering free Cyberscout single bureau credit monitoring services to all affected individuals.

If you receive notification from Radiology Associates of Richmond about this breach, you may want to:

  • Carefully review any notice or communication you receive and sign up for the free credit monitoring services offered by RAR.
  • Monitor financial accounts and credit reports for signs of identity theft.
  • Consider placing fraud alerts or credit freezes with major credit bureaus.
  • Be cautious of unsolicited emails or phone calls requesting personal information.

Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info
  • Affected information types not yet disclosed

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Consumers Notification date
May 21, 2026
Date of Breach
July 27, 2025
Breach Discovered Date
April 6, 2026
Total People Affected
266183
Information Types Exposed
  • Credit and Debit Account Info
  • Financial Account
  • Financial Account Codes
  • Government-issued ID number (e.g. passport)
  • Health Records
  • Medical Records
  • No information types mentioned
  • Social Security Number
  • Credit or debit
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image