About SimonMed Imaging
SimonMed Imaging, a healthcare organization based in Scottsdale, AZ, experienced a data breach affecting over 1.2 million individuals, including 22 residents of Maine. The breach, which involved unauthorized access to external systems, was discovered on January 28, 2025, a week after it occurred on January 21, 2025. The breach was reported by SimonMed’s attorney, Daniel Greene from Octillo Law PLLC, and notifications to affected individuals were sent out on October 10, 2025.
What Happened
On January 27, 2025, we were alerted by one of our vendors that they were experiencing a security incident. After receiving this information, we promptly began a review of our own systems and on the following day, January 28, 2025, we discovered suspicious activity on our network. Upon discovering we were the victim of a criminal attack, we immediately began an investigation and took steps to contain the situation, including resetting passwords, enhancing multifactor authentication, implementing endpoint detection and response monitoring, removing all third-party vendor direct access to systems within SimonMed’s environment and all associated tools, limiting only whitelisted traffic into and from our network, notifying law enforcement, and engaging data security and privacy professionals to assist. Through our investigation, we determined that there was unauthorized access to our systems between January 21, 2025 and February 5, 2025. During this period, we identified that files containing your Information were obtained by an unauthorized party. Our investigation did not identify any evidence of misuse of your Information for fraud or identity theft related to the Incident.
This breach involved a criminal attack on SimonMed’s systems, affecting over 1.2 million individuals. Unauthorized access occurred from January 21 to February 5, 2025, compromising personal information, though no misuse for fraud or identity theft was detected.
Next Steps
Affected individuals should remain vigilant by monitoring their credit reports and account statements for any unauthorized activity. It is advisable to report any suspicious transactions to their financial institutions immediately. SimonMed has taken steps to improve its system security, and affected individuals are encouraged to follow any additional recommendations provided in their notification letter. For further assistance, individuals can contact SimonMed’s dedicated helpline.
Identity Theft Protection Services
SimonMed is offering complimentary access to Experian IdentityWorksSM to help protect affected individuals’ identities. This service includes identity restoration assistance and fraud detection tools. Affected individuals are encouraged to activate this service by enrolling on the Experian IdentityWorks website using the provided activation code before the enrollment deadline. It is important to take advantage of these protections to ensure the continued safety of personal information.