Valley Radiology Consultants Medical Group Discloses September Data Breach

On Sept. 15, 2025, Valley Radiology Consultants Medical Group detected suspicious activity within its computer systems. The company secured its systems and brought in a specialized third-party cybersecurity firm to investigate the incident.

The forensic investigation revealed that certain files, including patient files, were accessed by an unauthorized actor. The company finalized the list of affected individuals on Feb. 18, 2026.

At this time, the investigation is ongoing. Medical records are the only type of information confirmed to be exposed as a result of the breach at this time.

This incident was reported to the California Attorney General and to the Massachusetts Office of Consumer Affairs and Business Regulation starting on March 2, 2026. Furthermore, VRCMG posted a disclosure of the incident on its website.

VRCMG's response

For those affected, the company is offering 12 months of complimentary Single Bureau Credit Monitoring, Credit Report and Credit Score services through Cyberscout, a TransUnion company. These services will alert individuals to changes in their credit file and provide proactive fraud assistance.

Enrollment must be completed within 90 days of receiving the notification letter.

The company encourages all potentially affected individuals to remain vigilant for incidents of identity theft and fraud. Recommended steps include reviewing account statements, monitoring credit reports for suspicious activity, and considering placing a fraud alert or credit freeze on credit files.

Contact information for the three major credit bureaus (Experian, Equifax and TransUnion) is included in the notification and resources are provided for further assistance.