Call Us

Radiology Associates of Richmond, Inc. Data Breach

Posted on behalf of Arnold Law Firm on July 7, 2025 in Data Breach
Updated on August 26, 2025

NOTICE: If you received a NOTICE OF DATA BREACH letter from Radiology Associates of Richmond, Inc., contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options, or submit a confidential Case Evaluation form here.

​​​​​​​​On July 1, 2025, Radiology Associates of Richmond, Inc. (“RAR”) reported a significant cybersecurity incident to multiple state attorneys general, including California and Massachusetts, following unauthorized access to its network environment earlier in the year (the “Data Breach”). RAR determined that an unauthorized actor gained entry between April 2 and April 6, 2024. 

Recently, RAR has begun sending data breach notification letters to those affected. RAR is offering complimentary credit monitoring services through Cyberscout to those affected. If you received a data breach notification letter, it confirms that your data was affected by this Data Breach.

Radiology Associates of Richmond, Inc. is a private radiology practice headquartered in Richmond, Virginia. Established in 1905, RAR provides diagnostic imaging and interventional radiology services to patients across central Virginia, including MRI, CT scans, X-rays, breast imaging, neuroradiology, pediatric radiology, and nuclear medicine. The organization supports nine hospitals, several emergency centers, and multiple outpatient imaging facilities.

WHAT INFORMATION IS INVOLVED IN THE RADIOLOGY ASSOCIATES OF RICHMOND, INC. DATA BREACH?

Radiology Associates of Richmond, Inc. Data BreachRAR has not yet specified which data elements were accessed. However, the following types of information may have been involved:

  • Name
  • Social security number, 
  • Dates of birth
  • Addresses
  • Driver’s license or government ID numbers
  • Financial account or payment card numbers
  • Medical information and health insurance details.

We are actively monitoring any updates and will provide more specific information as it becomes available.

This information is called your Personally Identifiable Information (“PII”). It tells others about you and is considered part of your identity. Businesses are required to secure this information or risk facing statutory penalties, among other legal penalties. Stolen PII can be used by identity thieves to engage in fraudulent activity using your identity. 

Personal medical information (a specific type of PII) is referred to as Protected Health Information (“PHI”). It is protected under both state and federal law. Healthcare providers and other businesses who handle PHI are required to protect that information. Like stolen PII, stolen PHI can be used by identity thieves to engage in fraudulent activity using your identity. Quite often, PII and PHI are used in conjunction by hackers.

The best way to protect yourself after a data breach is to sign up for credit and identity protection services as soon as possible. 

California offers extra protections and legal rights to its residents through the California Consumer Privacy Act (“CCPA”).

NOTICE: If you received a NOTICE OF DATA BREACH letter from Radiology Associates of Richmond, Inc., contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options, or submit a confidential Case Evaluation form here.