Active breach tracker Brookfield, WI Disclosed March 10, 2026

Delta Medical Systems Data Breach 2026: 1,574 Healthcare-Imaging-Vendor Customers Exposed. SSN + Bank Accounts in Scope. What To Do

Delta Medical Systems, Inc., a Wisconsin-based Siemens Healthineers Advanced Partner serving rural hospitals and ASCs across WI, MN, IL, and MI, disclosed a July 2025 employee email compromise exposing names, Social Security numbers, driver's licenses, bank account information, medical, and health insurance data for 1,574 individuals (1,869 total notified). 12 months TransUnion identity protection offered to SSN-affected. Here is what to do.

You have options. Scroll for the exact action steps, what your provider’s response covers, and what your health data needs beyond credit monitoring.

By HealthConsent Editorial Last updated Sources & methodology

Timeline

Jul 15, 2025

Unusual activity detected in email environment; unauthorized access date

Jul 15, 2025

Attacker gained access

Nov 1, 2025

Document / data review completed

Feb 11, 2026

Identification of affected individuals completed

Mar 9, 2026

Public notice posted

Mar 10, 2026

HHS OCR submission; individual notification letters mailed

Data exposed

01

High-risk identity

Enables financial + identity theft

Date of birth Social Security number Driver's license / state ID number

03

Contact & insurance

Phishing + targeted scams

Full name Bank account and routing numbers Medical information Health insurance information

Class actions filed by

These firms have publicly announced investigations. You may be eligible to join. We are not a law firm and cannot give legal advice.

Shamis & Gentile P.A. (publicly investigating)
If you received a letter

Your action plan, in five steps.

You have more rights than the notification letter explains. Each step below is a concrete thing you can do today. Full detail and timing in the sections that follow.

01

Accept credit monitoring

It’s the floor of the response. Take it.

02

Freeze your credit

Free at Equifax, Experian, TransUnion.

03

File IRS Form 14039

Prevent fraudulent tax return under your SSN.

04

Review your EOBs

Insurance statements catch medical identity theft early.

05

Stop the ongoing flow

Credit monitoring doesn’t cover your health records. HealthConsent does.

Jump to step 5: protect my health data

What happened

Delta Medical Systems, Inc. is a family-owned Wisconsin medical imaging equipment vendor founded in 1979, headquartered in Brookfield, WI (Milwaukee metro). The company is a Siemens Healthineers Advanced Partner — exclusively selling and servicing Siemens medical imaging equipment (CT, X-ray, MRI, ultrasound, mammography, surgical) for rural and community hospitals, ASCs, outpatient clinics, and imaging-center startups across WI, MN, IL, and MI.

Delta is not a clinical provider — it is a B2B medical imaging vendor/service organization, so PHI exposure is incidental to its service relationships (likely covered by business associate agreements) plus employee HR data.

On July 15, 2025, Delta detected unusual activity in its email environment (also the date of unauthorized access per forensic findings). The data review was completed in November 2025; identification of affected individuals completed on February 11, 2026. Delta posted a public notice on March 9, 2026 and mailed individual notification letters with HHS OCR submission on March 10, 2026.

Affected count discrepancy:

  • HHS OCR: 1,574 individuals (PHI-affected, HIPAA-covered)
  • Total per ClaimDepot: 1,869 individuals (includes non-PHI PII, e.g., employees)

The smaller HHS count reflects Delta’s role as a Business Associate to its hospital and clinic customers.

No ransomware group has publicly claimed responsibility. The pattern (Email location, single-day access window) is consistent with business email compromise — credential phishing or token theft.

What was stolen

Per the company notice (varies by individual):

  • Full name
  • Date of birth
  • Social Security number
  • Driver’s license / state ID number
  • Bank account and routing numbers
  • Medical information
  • Health insurance information

The combination of SSN + bank account + medical + insurance is a high-severity composite exposure profile.

What Delta Medical Systems is offering

  • 12 months complimentary identity protection via TransUnion (single-bureau credit monitoring, credit report access, credit score monitoring)
  • Offered to SSN-affected individuals only
  • Dedicated toll-free call center
  • Network security hardening + third-party forensic engagement

The 12-month duration is below market for breaches with SSN + financial account + medical exposure (24 months is the more common offering for this composite profile).

What to do

  1. Enroll in TransUnion identity protection through the activation code in your letter.
  2. Place free credit freezes at Equifax, Experian, TransUnion. Single-bureau monitoring leaves gaps — freezes at all three bureaus close them.
  3. File IRS Form 14039.
  4. Cancel and reissue any payment methods tied to bank account / routing information that was in scope.
  5. Watch your bank account closely for unauthorized withdrawals in the weeks after notification — ACH theft can be rapid when routing/account numbers are exposed.
  6. Stop the ongoing flow of your imaging-vendor service data. HealthConsent files HIPAA restriction requests covering medical-equipment vendor and service-organization data pathways.

Continue reading

Stop your data from spreading further

Credit monitoring covers your wallet. HealthConsent covers your health records.

Your stolen diagnoses, test results, and medical record numbers don’t expire when the free credit-monitoring window ends. HealthConsent automates HIPAA restriction requests and opt-outs across providers, insurers, HIEs, and prescription networks so the data taken in this breach can’t keep being shared and sold by other entities downstream.

Protect my health data

Cancel anytime · Family plan covers spouses + dependents

About this page

This page is compiled from public regulatory filings, the breached entity’s own disclosures, and reporting from established healthcare-privacy outlets. Some sections are assembled with the help of automated research and may contain errors, summaries that lag the underlying source, or details that have since been revised. Treat it as a starting point, not legal advice or an authoritative record. If you spot something inaccurate, the linked sources above are the canonical record. For questions about your individual situation, contact the breached entity directly or consult a licensed attorney.