Radiology Associates of Richmond (RAR) has disclosed a data breach impacting the protected health information of 266,000 individuals.
According to the healthcare organization’s incident notice, the data breach occurred on or about July 25, 2025, when hackers accessed its internal systems.
RAR did not say when the intrusion was discovered, but said that it worked with external cybersecurity experts to contain the attack and investigate its scope.
“After an extensive forensic investigation and manual document review, RAR’s investigation concluded on or about April 6, 2026, that files containing protected health information pertaining to a limited number of individuals were acquired in an unauthorized manner as a result of the incident,” the organization says.
On May 21, RAR started sending notification letters to the potentially impacted individuals. According to the organization’s filing with the Maine Attorney General’s Office, 266,183 people are receiving such letters.
RAR’s incident notice and the redacted letter samples submitted to authorities in several states suggest that names, Social Security numbers, and other information might have been compromised. Still, they do not provide full details on the affected data.
According to a listing on the Texas AGO’s website, government-issued ID numbers, financial information (including credit or debit card numbers), and medical and health insurance details were likely stolen in the attack.
“Notified individuals have been provided with best practices to protect their information, and individuals whose Social Security numbers were contained in the impacted files have been offered complimentary credit monitoring,” RAR’s incident notice reads.
In July 2025, the Richmond, Virginia-based medical imaging services provider notified the US Department of Health and Human Services (HHS) that the personal information of 1.4 million people was stolen in an April 2024 data breach.
Related: DocketWise Data Breach Impacts 143,000
Related: Foxconn Confirms North American Factories Hit by Cyberattack
Related: 716,000 Impacted by OpenLoop Health Data Breach
Related: West Pharmaceutical Services Hit by Disruptive Ransomware Attack
