ExpertMRI: Expert MRI Data Breach Exposes PII & PHI

Expert MRI Suffers Major Data Breach, Exposing Sensitive Patient Information

Expert MRI, a California-based diagnostic imaging provider, confirmed a significant data breach after unauthorized actors accessed its network between June 2 and August 24, 2025. The cyberattack, claimed by the threat actor PEAR, involved ransomware deployment and the theft of approximately 617 GB of sensitive data, which was later posted on the dark web on September 6, 2025.

The compromised data includes personally identifiable information (PII) and protected health information (PHI), such as names, addresses, dates of birth, medical diagnoses, treatment details, and—in some cases—Social Security numbers. The combination of PII and PHI heightens risks of identity theft and fraud for affected individuals.

The breach was detected following an investigation that revealed files were copied from Expert MRI’s network. The company has since engaged third-party cybersecurity experts to assess the incident’s scope and identify impacted individuals.

Expert MRI has published a cybersecurity event notice detailing the breach and established a call center (855-720-3740) for affected individuals seeking further information. The incident underscores the growing threat of ransomware attacks targeting healthcare providers and the severe consequences of large-scale data exfiltration.

Source: https://www.claimdepot.com/data-breach/expert-mri-2025

ExpertMRI cybersecurity rating report: https://www.rankiteo.com/company/expert-mri-medical-diagnostics

"id": "EXP1765816217",
"linkid": "expert-mri-medical-diagnostics",
"type": "Ransomware",
"date": "9/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'industry': 'Healthcare',
                        'location': 'California, USA',
                        'name': 'Expert MRI',
                        'type': 'Healthcare Provider'}],
 'attack_vector': 'Unauthorized network access',
 'customer_advisories': 'Call center set up at 855-720-3740 (Monday-Friday, 9 '
                        'a.m. to 5 p.m. ET)',
 'data_breach': {'data_encryption': 'Yes (ransomware)',
                 'data_exfiltration': 'Yes',
                 'personally_identifiable_information': ['Names',
                                                         'Addresses',
                                                         'Dates of birth',
                                                         'Admission dates',
                                                         'Diagnosis '
                                                         'information',
                                                         'Treatment '
                                                         'information',
                                                         'Social Security '
                                                         'numbers (subset)'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information (PII)',
                                              'Protected Health Information '
                                              '(PHI)']},
 'date_detected': '2025-08-24',
 'date_publicly_disclosed': '2025-09-06',
 'description': 'Expert MRI, a leading California-based diagnostic imaging '
                'provider, experienced a significant data breach after its '
                'computer network was accessed by unauthorized actors between '
                'June 2, 2025, and Aug. 24, 2025. The breach compromised '
                'personally identifiable information (PII) and protected '
                'health information (PHI). The threat actor known as PEAR '
                'claimed responsibility, deploying ransomware and stealing '
                'approximately 617 GB of data.',
 'impact': {'brand_reputation_impact': 'Severe',
            'data_compromised': '617 GB',
            'identity_theft_risk': 'High',
            'systems_affected': 'Computer network'},
 'investigation_status': 'Ongoing',
 'motivation': 'Data exfiltration, ransomware deployment',
 'ransomware': {'data_encryption': 'Yes', 'data_exfiltration': 'Yes'},
 'recommendations': ['Monitor financial accounts and credit reports for signs '
                     'of identity theft',
                     'Place fraud alerts or credit freezes with major credit '
                     'bureaus',
                     'Be cautious of unsolicited emails or phone calls '
                     'requesting personal information'],
 'references': [{'source': 'Expert MRI Cybersecurity Event Notice',
                 'url': 'https://www.expertmri.com/cybersecurity-event-notice'}],
 'regulatory_compliance': {'regulations_violated': ['HIPAA']},
 'response': {'communication_strategy': 'Public notice, call center setup',
              'incident_response_plan_activated': 'Yes',
              'remediation_measures': 'Reviewed affected data, identified '
                                      'compromised individuals',
              'third_party_assistance': 'Cybersecurity professionals'},
 'threat_actor': 'PEAR',
 'title': 'Expert MRI Data Breach',
 'type': 'Data Breach, Ransomware'}

ExpertMRI: Expert MRI Data Breach Exposes PII & PHI

GitHub and OpenAI: A message from John Furrier, co-founder of SiliconANGLE:

Intesa Sanpaolo: Italy data protection agency fines Intesa Sanpaolo $36 mln over data breach

Sterling Seacrest Pritchard: Sterling Seacrest Pritchard email breach exposes data of over 7,400 individuals