Lumexa Imaging: Lumexa Imaging Data Breach Exposes Patient Personal and Health Info

Lumexa Imaging: Lumexa Imaging Data Breach Exposes Patient Personal and Health Info

Lumexa Imaging Reports Data Breach via Third-Party Vendor, Exposing Patient Information

Lumexa Imaging, a major U.S. provider of outpatient diagnostic imaging services, disclosed a data breach stemming from unauthorized access to a third-party vendor’s network. The incident occurred between late March and early April 2026, compromising sensitive patient data held by Lumexa’s affiliated radiology practices and imaging centers.

The breach was detected on April 9, 2026, when the vendor reported suspicious activity within a network segment dedicated to Lumexa’s operations. Between March 31 and April 9, an unauthorized individual accessed and exfiltrated documents containing patient information. By April 15, Lumexa confirmed that the intruder may have viewed or copied records.

Exposed data varied by individual but potentially included names, dates of birth, addresses, phone numbers, Social Security numbers, patient account numbers, insurance details, visit dates, diagnoses, and other radiology-related health information. The total number of affected individuals has not been publicly disclosed, though the breach was reported to the California Attorney General.

In response, Lumexa began notifying impacted individuals via mail and is offering free identity monitoring services through Kroll. Affected parties must enroll by a specified deadline using a membership number provided in their notification letter. The company has also established a dedicated call center (844-959-7072) for inquiries, operating Monday through Friday from 8:00 a.m. to 5:30 p.m. Central Time. Additional contact details include Lumexa’s Raleigh, NC headquarters at 4200 Six Forks Road, Suite 1000, or by phone at 919-763-1100.

Source: https://www.claimdepot.com/data-breach/lumexa-imaging-2026

Lumexa Imaging cybersecurity rating report: https://www.rankiteo.com/company/lumexa-imaging

"id": "LUM1779135941",
"linkid": "lumexa-imaging",
"type": "Breach",
"date": "3/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Healthcare',
                        'location': 'United States',
                        'name': 'Lumexa Imaging',
                        'type': 'Healthcare Provider'}],
 'attack_vector': 'Third-Party Vendor Compromise',
 'customer_advisories': 'Free identity monitoring services offered through '
                        'Kroll; enrollment deadline and membership number '
                        'provided in notification letters. Dedicated call '
                        'center established (844-959-7072).',
 'data_breach': {'data_exfiltration': 'Yes',
                 'personally_identifiable_information': 'Names, dates of '
                                                        'birth, addresses, '
                                                        'phone numbers, Social '
                                                        'Security numbers, '
                                                        'patient account '
                                                        'numbers, insurance '
                                                        'details, visit dates, '
                                                        'diagnoses, and other '
                                                        'radiology-related '
                                                        'health information',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information (PII)',
                                              'Protected Health Information '
                                              '(PHI)']},
 'date_detected': '2026-04-09',
 'description': 'Lumexa Imaging, a major U.S. provider of outpatient '
                'diagnostic imaging services, disclosed a data breach stemming '
                'from unauthorized access to a third-party vendor’s network. '
                'The incident compromised sensitive patient data held by '
                'Lumexa’s affiliated radiology practices and imaging centers.',
 'impact': {'data_compromised': 'Sensitive patient data including names, dates '
                                'of birth, addresses, phone numbers, Social '
                                'Security numbers, patient account numbers, '
                                'insurance details, visit dates, diagnoses, '
                                'and other radiology-related health '
                                'information',
            'identity_theft_risk': 'High',
            'systems_affected': 'Third-party vendor’s network segment '
                                'dedicated to Lumexa’s operations'},
 'initial_access_broker': {'entry_point': 'Third-party vendor’s network'},
 'investigation_status': 'Ongoing',
 'post_incident_analysis': {'root_causes': 'Unauthorized access to third-party '
                                           'vendor’s network segment dedicated '
                                           'to Lumexa’s operations'},
 'references': [{'source': 'Lumexa Imaging Data Breach Notification'}],
 'regulatory_compliance': {'regulations_violated': ['HIPAA'],
                           'regulatory_notifications': 'Reported to the '
                                                       'California Attorney '
                                                       'General'},
 'response': {'communication_strategy': 'Notification letters mailed to '
                                        'impacted individuals, dedicated call '
                                        'center established',
              'third_party_assistance': 'Kroll (identity monitoring services)'},
 'title': 'Lumexa Imaging Data Breach via Third-Party Vendor',
 'type': 'Data Breach'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.