Scam of the day – October 28, 2025 – Another Major Health Care Data Breach

by | Oct 27, 2025 | Scam of the day

An analysis of the health care breach data base maintained by the Department of Health and Human Services done by Security Week indicated that in 2024 there were 720 data breaches affecting as many as 186 million people.  And just this week we learned of a data breach at medcial imaging provider Simon Med Imaging that compromised the data of 1.2 million people.  While the data breach was only disclosed this past week, the hacking occured between January 21st and February 5th of this year.  SimonMed has not indicated precisely what information was taken other than the names of its patients, but it is thought to have included much sensitive informaiton that could result in identity theft.  The Medusa ransomware gang announced on its Dark Web portal in February that it had hacked SimonMed Imaging and leaked some of hte stolen data as proof of their claim.  At that time Medusa demanded a million dollar ransom payment.  While the company has not confirmed any payment, the fact that Medusa no longer lists the data breach on its site is a good indication that the ransom was paid.

Healthcare companies are targeted for a number of reasons including the general lack of security of many healthcare companies and the extensive personal and medical information they store including health insurance information that can be sold by criminals on the dark web for large prices enabling other people to access your health insurance.  Having your health insurance policy used by an identity thief is particularly dangerous because it can result in your medical records being corrupted by the medical information of the identity thief and the difficulty in getting this information removed from your medical records.  Having the medical information of an identity thief on your medical records could even result in your getting a blood transfusion of the wrong blood type.

TIPS

This is a good time to remind you that although various health care providers often ask for your Social Security number, they do not need it.  You should politely refuse to provide it when asked.  The fewer places that have your Social Security number the less vulnerable you are to identity theft.

As for the victims of these data breaches, the first thing they should do is freeze their credit if they have not already done so.  Freezing your credit is actually something everyone should do.  It is free and easy to do.  In addition, it protects you from someone using your identity to obtain loans or make large purchases even if they have your Social Security number.  If you have not already done so, put a credit freeze on your credit reports at each of the major credit reporting agencies.  Here are links to each of them with instructions about how to get a credit freeze:

Everyone also should monitor their credit reports regularly for indications of identity theft.  The three major credit reporting agencies now provide free weekly access to your credit reports so you can monitor your credit reports easily on your own.  Here is the only link to use to get your free credit reports.https://www.annualcreditreport.com/index.action
Some scammers have websites that appear to offer “free” credit reports, but if you read the fine print, you often may find that you have signed up for unnecessary services.
Finally, be wary of anyone who calls you asking for personal information in regard to these data breaches as that is a favorite tactic of the hackers to lure you into providing personal information that can lead to your becoming a victim of identity theft.
Also should check to see if your medical records have been corrupted by an identity thief.  If you were affected by this data breach you should get a copy of your medical records from your doctor, health insurance company and any other facility that has treated you.  Review your records for data that does not apply to you and report the errors to your health care provider and demand that the false information be removed.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/