Vital Imaging Medical Diagnostic Centers Data Breach (Florida, 2025): 260,000 Patients, SSNs and Diagnostic Results Exfiltrated, Class Action Filed and Multiple Investigations Open
Vital Imaging Medical Diagnostic Centers, LLC — a Miami-based outpatient radiology group — reported a February 13, 2025 network intrusion to HHS OCR on August 21, 2025, disclosing that 260,000 patients had Social Security numbers, driver's license numbers, passport numbers, insurance information and diagnostic results exfiltrated. A class action lawsuit has been filed in Miami-Dade County and at least ten plaintiff firms have opened investigations.
You have options. Scroll for the exact action steps, what your provider’s response covers, and what your health data needs beyond credit monitoring.
Timeline
Feb 13, 2025
Unauthorized activity detected on Vital Imaging network server; incident discovered the same day.
Feb 13, 2025
Breach detected
Aug 21, 2025
Breach reported to HHS Office for Civil Rights affecting 260,000 individuals (Hacking/IT Incident, Network Server).
Aug 21, 2025
Disclosed publicly
Aug 27, 2025
Plaintiff firms (Schubert Jonckheer & Kolbe, Strauss Borrelli, Wolf Haldenstein, Levi & Korsinsky, Federman & Sherwood) publicly announce class-action investigations.
Feb 19, 2026
Vital Imaging completes its review and confirms the categories of data exfiltrated.
Mar 30, 2026
Vital Imaging publishes substitute notice on vitalimg.com and begins mailing individual notification letters.
Apr 15, 2026
Vital Imaging issues formal Notice of Data Breach via PRNewswire; Massachusetts AG filing (2026-864) also confirmed.
May 1, 2026
Judith Garcia v. Vital Imaging Diagnostic Centers LLC filed in Miami-Dade Circuit Court — first confirmed class action complaint.
Feb 13, 2025
Unauthorized activity detected on Vital Imaging network server; incident discovered the same day.
Feb 13, 2025
Breach detected
Aug 21, 2025
Breach reported to HHS Office for Civil Rights affecting 260,000 individuals (Hacking/IT Incident, Network Server).
Aug 21, 2025
Disclosed publicly
Aug 27, 2025
Plaintiff firms (Schubert Jonckheer & Kolbe, Strauss Borrelli, Wolf Haldenstein, Levi & Korsinsky, Federman & Sherwood) publicly announce class-action investigations.
Feb 19, 2026
Vital Imaging completes its review and confirms the categories of data exfiltrated.
Mar 30, 2026
Vital Imaging publishes substitute notice on vitalimg.com and begins mailing individual notification letters.
Apr 15, 2026
Vital Imaging issues formal Notice of Data Breach via PRNewswire; Massachusetts AG filing (2026-864) also confirmed.
May 1, 2026
Judith Garcia v. Vital Imaging Diagnostic Centers LLC filed in Miami-Dade Circuit Court — first confirmed class action complaint.
Data exposed
01
High-risk identity
Enables financial + identity theft
02
Health records
Don't expire and can't be reissued
03
Contact & insurance
Phishing + targeted scams
Class actions filed by
These firms have publicly announced investigations. You may be eligible to join. We are not a law firm and cannot give legal advice.
Your action plan, in five steps.
You have more rights than the notification letter explains. Each step below is a concrete thing you can do today. Full detail and timing in the sections that follow.
01
Accept credit monitoring
It’s the floor of the response. Take it.
02
Freeze your credit
Free at Equifax, Experian, TransUnion.
03
File IRS Form 14039
Prevent fraudulent tax return under your SSN.
04
Review your EOBs
Insurance statements catch medical identity theft early.
05
Stop the ongoing flow
Credit monitoring doesn’t cover your health records. HealthConsent does.
Vital Imaging Medical Diagnostic Centers, LLC, a Miami-based outpatient radiology group operating eight diagnostic imaging and testing facilities in Miami-Dade County, confirmed in its Notice of Security Incident that on February 13, 2025, an unauthorized actor accessed its network and removed files. The matter was reported to the U.S. Department of Health and Human Services Office for Civil Rights on August 21, 2025, affecting 260,000 individuals.
In its own words, “certain files were removed from our network without our authorization.” Vital Imaging completed the document review on February 19, 2026 and began mailing notification letters by March 30, 2026 — more than a year after the intrusion. A formal Notice of Data Breach was issued via PRNewswire on April 15, 2026, and a corresponding filing was made with the Massachusetts Attorney General (filing 2026-864).
The intrusion occurred within weeks of a large-scale ransomware attack on SimonMed Imaging in Arizona (nearly 1.3 million patients, attributed to the Medusa cybercrime gang). BankInfoSecurity reported the two incidents together, noting the pattern of radiology sector targeting in early 2025. No attacker has been publicly attributed for the Vital Imaging intrusion.
Timeline
- February 13, 2025 — Unauthorized activity is detected on the network server. The official notice records this as both the incident date and the discovery date.
- August 21, 2025 — Vital Imaging reports the breach to HHS OCR as a Hacking/IT Incident at Network Server affecting 260,000 individuals.
- August 27 to 29, 2025 — Plaintiff firms including Schubert Jonckheer & Kolbe, Strauss Borrelli, Wolf Haldenstein, Levi & Korsinsky, Federman & Sherwood, and Lynch Carpenter publicly announce class-action investigations.
- February 19, 2026 — Vital Imaging completes its forensic review and finalizes the categories of personal information involved.
- March 30, 2026 — Substitute notice is published on vitalimg.com and individual notification letters are mailed; Kroll is retained as the call-center and remediation vendor.
- April 15, 2026 — Formal Notice of Data Breach issued via PRNewswire; Massachusetts AG filing (case 2026-864) confirmed.
- 2026 (date confirmed via court docket) — Judith Garcia v. Vital Imaging Diagnostic Centers LLC filed in Miami-Dade Circuit Court, the first confirmed complaint to move past the investigation stage.
What was exposed
Per the company’s substitute notice, the categories of personal information involved vary by individual and may include:
- Name and contact information
- Date of birth
- Social Security number
- Driver’s license number
- Passport number
- Government or state identification number
- Health insurance information
- Diagnostic results
The combination of Social Security number, government identifiers, and diagnostic results places this breach in the high-severity tier: it pairs the identity-theft primitives needed for synthetic-identity fraud with sensitive medical context that has no expiration and no remediation path.
What Vital Imaging is offering
The notice directs affected individuals to a Kroll-operated call center for “fraud assistance and remediation services” and to enroll in Kroll Identity Monitoring at enroll.krollmonitoring.com:
- Kroll phone: (844) 403-4506, Monday through Friday, 8:00 AM to 5:30 PM CT.
- Mailing address: 7101 SW 99 Avenue, Suite 109, Miami, Florida 33173.
The substitute notice and the Massachusetts AG letter do not specify a credit-monitoring duration or a public enrollment deadline. Your individual notification letter will include a personal activation code and the deadline date. Enroll before the deadline printed on your letter.
Class-action posture
At least ten plaintiff firms have opened investigations, and at least one lawsuit has been filed. A class action complaint — Judith Garcia v. Vital Imaging Diagnostic Centers LLC — was filed in Miami-Dade Circuit Court. Investigating firms include:
- Wolf Haldenstein Adler Freeman & Herz LLP
- Levi & Korsinsky, LLP
- Federman & Sherwood
- Schubert Jonckheer & Kolbe LLP
- Strauss Borrelli PLLC
- Markovits, Stock & DeMarco, LLC
- Barnow and Associates, P.C.
- Cory Watson Attorneys
- Lynch Carpenter LLP
- Srourian Law Firm (SLFLA)
The thirteen-month gap between intrusion (February 13, 2025) and mailed notice (March 30, 2026) — well outside the HIPAA Breach Notification Rule’s 60-day window from discovery to notification — is the central liability theory in the public investigation announcements and the filed complaint.
What to do if you may be affected
- Enroll in Kroll Identity Monitoring at enroll.krollmonitoring.com using the activation code in your notification letter. Call (844) 403-4506, Monday through Friday, 8:00 AM to 5:30 PM CT, with questions about enrollment or eligibility.
- Freeze your credit at Equifax, Experian, and TransUnion. With SSN, driver’s license, and passport numbers in attacker hands, a credit freeze is the single highest-leverage step against new-account fraud.
- File IRS Form 14039 (Identity Theft Affidavit) if your Social Security number was confirmed exposed. This places a flag on your IRS account and routes your returns through a fraud-detection filter.
- Watch for the Vital Imaging notification letter. The exact data elements involved vary per person — only your letter lists what was exposed about you and the specific enrollment code for Kroll services.
- Request a new driver’s license / passport through the relevant agency if your letter confirms those identifiers were exposed. Keep copies of all replacement applications — plaintiff firms ask for them as proof of mitigation costs.
- Review insurance explanations of benefits (EOB). Diagnostic result data in attacker hands can enable fraudulent claims under your insurance policy. Report any charges you do not recognize to your insurer’s fraud line.
- Preserve your notice letter and envelope. A class action has been filed in Miami-Dade (Judith Garcia v. Vital Imaging Diagnostic Centers LLC) and at least ten firms are investigating — your letter and envelope establish standing.
- Stop the ongoing flow of your diagnostic imaging data. HealthConsent files HIPAA restriction requests so the radiology and diagnostic results exposed in this breach are not continuously re-shared across provider networks, clearinghouses, and health information exchanges.
Sources
- Vital Imaging — Notice of Security Incident (official) — primary source for data elements, Kroll contact, and timeline.
- HHS Office for Civil Rights Breach Portal — federal regulatory record (260,000 affected, Hacking/IT Incident, Network Server, reported August 21, 2025).
- PRNewswire — Notice of Data Breach (April 15, 2026) — formal public notice confirming April 15, 2026 issuance and Kroll enrollment details.
- Massachusetts Attorney General — Vital Imaging Filing 2026-864 — state AG notice letter confirming Kroll enrollment URL and call center details.
- HIPAA Journal — Florida Medical Imaging Provider Notifies 260,000 Patients About February Data Breach — confirms February 13, 2025 discovery and the “reasonable belief that personally identifiable information and protected health information were accessed and acquired by the attackers” language.
- BankInfoSecurity — 2 Radiology Practices Disclose Hacks Affecting 1.5M Patients — sector context: Vital Imaging and SimonMed Imaging breaches covered together, confirming 8 Miami-Dade locations.
- ClassAction.org — Vital Imaging Medical Diagnostic Centers Data Breach Impacts 260K — Miami-Dade County footprint and plaintiff-firm activity.
- Law.com Radar — Judith Garcia v. Vital Imaging Diagnostic Centers LLC — confirms a class action complaint filed in Miami-Dade Circuit Court.
- Wolf Haldenstein — Data Breach Alert (GlobeNewswire, Aug 29, 2025) — class-action investigation announcement.
- Lynch Carpenter LLP — Vital Imaging Data Breach Investigation (GlobeNewswire, Aug 28, 2025) — additional class-action investigation announcement.
- Strauss Borrelli PLLC — Vital Imaging Center Data Breach Investigation — additional class-action investigation announcement.
- Schubert Jonckheer & Kolbe — Privacy Alert — independent confirmation of incident date, HHS filing date, and exposed data categories.
- Srourian Law Firm — Vital Imaging Breach Investigation — additional class-action investigation confirmation.
Credit monitoring covers your wallet. HealthConsent covers your health records.
Your stolen diagnoses, test results, and medical record numbers don’t expire when the free credit-monitoring window ends. HealthConsent automates HIPAA restriction requests and opt-outs across providers, insurers, HIEs, and prescription networks so the data taken in this breach can’t keep being shared and sold by other entities downstream.
Protect my health dataCancel anytime · Family plan covers spouses + dependents
Sources & further reading
- Vital Imaging — Notice of Security Incident (official)
- HHS Office for Civil Rights Breach Portal
- HIPAA Journal — Florida Medical Imaging Provider Notifies 260,000 Patients About February Data Breach
- ClassAction.org — Vital Imaging Medical Diagnostic Centers Data Breach Impacts 260K
- Wolf Haldenstein — Data Breach Alert (GlobeNewswire)
- Strauss Borrelli PLLC — Vital Imaging Center Data Breach Investigation
- Schubert Jonckheer & Kolbe — Privacy Alert
- PRNewswire — Notice of Data Breach (Vital Imaging, April 15, 2026)
- Massachusetts Attorney General — Vital Imaging Data Breach Notice Filing (2026-864)
- BankInfoSecurity — 2 Radiology Practices Disclose Hacks Affecting 1.5M Patients
- Lynch Carpenter LLP — Vital Imaging Data Breach Investigation
- Srourian Law Firm — Vital Imaging Breach Investigation
- Law.com Radar — Judith Garcia v. Vital Imaging Diagnostic Centers LLC (Miami-Dade)
Official HHS OCR Breach Portal: ocrportal.hhs.gov
About this page
This page is compiled from public regulatory filings, the breached entity’s own disclosures, and reporting from established healthcare-privacy outlets. Some sections are assembled with the help of automated research and may contain errors, summaries that lag the underlying source, or details that have since been revised. Treat it as a starting point, not legal advice or an authoritative record. If you spot something inaccurate, the linked sources above are the canonical record. For questions about your individual situation, contact the breached entity directly or consult a licensed attorney.