Doctors Imaging Group (DIG)

The Florida-based X-ray provider Doctors Imaging Group (DIG) suffered a major cyberattack in November 2024, exposing sensitive personal, medical, and financial data of 171,862 individuals. Attackers gained unauthorized access between November 5–11, 2024, copying files containing full names, addresses, dates of birth, medical records, patient account numbers, health insurance details, diagnoses, treatments, financial account numbers, and Social Security Numbers (SSNs). The breach was confirmed nearly a year later (August 29, 2025) after a forensic investigation. DIG did not offer free credit monitoring or identity protection, instead advising victims to self-monitor financial statements. The incident highlights the high value of medical data on dark web markets, where such records sell for $60–$250 each—far exceeding the price of stolen credit cards. The breach underscores critical vulnerabilities in healthcare IT systems, with attackers exploiting the data for fraud, identity theft, phishing, and potential extortion.

Source: https://www.bitdefender.com/en-us/blog/hotforsecurity/florida-x-ray-clinic-year-tell-patients-hackers-stole-medical-data

TPRM report: https://www.rankiteo.com/company/doctors-imaging-group

"id": "doc0692706100925",
"linkid": "doctors-imaging-group",
"type": "Cyber Attack",
"date": "11/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'customers_affected': '171,862',
                        'industry': 'Medical Imaging',
                        'location': 'Florida, USA',
                        'name': 'Doctors Imaging Group (DIG)',
                        'type': 'Healthcare Provider'}],
 'customer_advisories': ['Monitor financial statements for fraud.',
                         'Request free annual credit reports.',
                         'Consider placing fraud alerts or credit freezes with '
                         'major credit bureaus.'],
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': '171,862',
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High (PII, PHI, Financial Data)',
                 'type_of_data_compromised': ['Full Names',
                                              'Addresses',
                                              'Dates of Birth',
                                              'Medical Record Numbers',
                                              'Patient Account Numbers',
                                              'Health Insurance Policy '
                                              'Information',
                                              'Diagnoses/Treatments/Claims',
                                              'Financial Account Numbers',
                                              'Social Security Numbers']},
 'date_detected': '2025-08-29',
 'date_publicly_disclosed': '2025-08-29',
 'description': 'Florida-based X-ray provider Doctors Imaging Group (DIG) '
                'confirmed a major cyberattack that exposed sensitive personal '
                'and medical data of over 170,000 individuals. Unauthorized '
                'access occurred between November 5–11, 2024, but the breach '
                'was only disclosed on August 29, 2025, after a forensic '
                'review. The stolen data included full names, addresses, dates '
                'of birth, medical records, Social Security Numbers, and '
                'financial account details. DIG did not offer free credit '
                'monitoring or identity protection services, drawing criticism '
                'for the delayed disclosure and lack of victim support.',
 'impact': {'brand_reputation_impact': 'High (due to delayed disclosure and '
                                       'lack of victim support)',
            'data_compromised': True,
            'identity_theft_risk': 'High (SSNs, medical records, financial '
                                   'data exposed)',
            'payment_information_risk': 'High (financial account numbers '
                                        'exposed)',
            'systems_affected': ['Internal Network']},
 'initial_access_broker': {'data_sold_on_dark_web': "Likely (medical 'fullz' "
                                                    'profiles fetch $60–$250 '
                                                    'each)',
                           'high_value_targets': ['Patient Medical Records',
                                                  'Financial Data']},
 'investigation_status': 'Completed (forensic review concluded)',
 'lessons_learned': ['Delayed breach disclosure exacerbates reputational and '
                     'operational risks.',
                     'Healthcare providers must prioritize rapid incident '
                     'response and victim support (e.g., credit monitoring).',
                     'Legacy IT systems in healthcare increase vulnerability '
                     'to attacks.',
                     'Medical data is highly valuable on dark web markets, '
                     'necessitating stronger protections.'],
 'motivation': ['Financial Gain', 'Data Theft for Resale'],
 'post_incident_analysis': {'corrective_actions': ['Review and strengthen '
                                                   'security policies/tools.',
                                                   'Enhance breach response '
                                                   'timelines.',
                                                   'Evaluate identity '
                                                   'protection offerings for '
                                                   'future incidents.'],
                            'root_causes': ['Delayed detection (breach '
                                            'occurred in Nov 2024, disclosed '
                                            'Aug 2025).',
                                            'Inadequate victim support (no '
                                            'credit monitoring offered).',
                                            'Potential legacy IT '
                                            'vulnerabilities (common in '
                                            'healthcare).']},
 'ransomware': {'data_exfiltration': True},
 'recommendations': ['Implement mandatory identity protection services (e.g., '
                     'credit monitoring) for breach victims.',
                     'Adopt continuous network monitoring and rapid breach '
                     'response protocols.',
                     'Replace legacy IT systems with modern, secure '
                     'infrastructure.',
                     'Educate patients on fraud risks (e.g., medical identity '
                     'theft, phishing) post-breach.',
                     'Use unique passwords and password managers to mitigate '
                     'credential-stuffing attacks.',
                     'Consider services like Bitdefender Digital Identity '
                     'Protection for breach monitoring.'],
 'references': [{'date_accessed': '2025-08-29',
                 'source': 'Doctors Imaging Group (DIG) Breach Notice'},
                {'source': "Article: 'How stolen medical data is used for "
                           "fraud'"}],
 'regulatory_compliance': {'regulations_violated': ['HIPAA (likely, given PHI '
                                                    'exposure)'],
                           'regulatory_notifications': ['U.S. Department of '
                                                        'Health & Human '
                                                        'Services']},
 'response': {'communication_strategy': ['Public Disclosure',
                                         'Patient Notifications'],
              'containment_measures': ['Investigation Initiated',
                                       'Network Security Assessment'],
              'incident_response_plan_activated': True,
              'recovery_measures': ['Patient Notification Letters'],
              'remediation_measures': ['Policy and Tool Review',
                                       'Strengthening Security Measures']},
 'stakeholder_advisories': ['U.S. Department of Health & Human Services'],
 'title': 'Doctors Imaging Group (DIG) Data Breach Exposes 170,000+ Patient '
          'Records',
 'type': ['Data Breach', 'Unauthorized Access']}