The Radiological Society of North America (RSNA) has reported a data breach affecting personal information, as revealed in recent notices to authorities in Massachusetts and Vermont. The society, headquartered in Oak Brook, Illinois, detected unauthorized access to its network on June 25, 2024, which led to the potential exposure of a limited number of 1099 forms. RSNA emphasized the importance of protecting personal information and promptly secured its systems, initiating a thorough investigation into the incident.
The investigation revealed that an unauthorized party may have accessed files containing personal data between June 20 and June 26, 2024. RSNA conducted an extensive forensic investigation and a manual document review, concluding that there is no evidence suggesting the compromised information has been used for identity theft or financial fraud. Despite this, the society is taking proactive measures by offering identity theft protection services through IDX, in addition to advising affected individuals on precautions to safeguard their personal information.
In its communication, RSNA extended apologies for the incident and reassured the public of its commitment to maintaining the privacy of personal information. The society is continuously evaluating and enhancing its internal controls and practices to ensure better security and privacy for sensitive data. After the breach was detected, RSNA’s website experienced a temporary outage in late June and early July, attributed to the ongoing security issues but without further elaboration.
As a follow-up to the investigation, RSNA has sent notification letters to fewer than 200 individuals informing them that their names and Social Security numbers may have been accessed. The society’s communication highlights its ongoing dedication to privacy and the measures being implemented to prevent similar incidents in the future. As the situation evolves, RSNA is expected to maintain transparency with affected parties and provide updates on its cybersecurity enhancements.
Reference:
