Northwest Radiologists HIPAA Breach Exposes 348K Patient Records

A major healthcare data breach has struck Washington state, affecting over 348,000 patients of Northwest Radiologists and Mount Baker Imaging. The incident, reported to the Department of Health and Human Services on January 20, 2026, represents one of the largest healthcare cyberattacks in recent months and highlights ongoing vulnerabilities in medical imaging networks.

What Happened

Northwest Radiologists and Mount Baker Imaging experienced a significant cybersecurity incident between January 20-25, 2025. Unauthorized actors gained access to the organization's network servers, compromising sensitive patient information stored on their systems.

The breach involved unauthorized network access that lasted five days, giving cybercriminals extensive time to potentially extract massive amounts of protected health information (PHI). This extended timeline raises serious questions about the organization's intrusion detection capabilities and incident response protocols.

The attack targeted network servers containing patient records spanning multiple years of radiology services. Northwest Radiologists, a prominent imaging provider in Washington state, serves thousands of patients across the region through various medical facilities and partnerships.

Who Is Affected

The breach impacted 348,118 individuals who received radiology services from Northwest Radiologists or Mount Baker Imaging. This includes:

• Current and former patients of Northwest Radiologists
• Patients who received imaging services at Mount Baker Imaging facilities
• Individuals whose records were stored on the compromised network servers
• Patients dating back several years, given the scope of data accessed

The large number of affected individuals suggests the breach accessed central patient databases containing historical records, not just recent patient information.

Breach Details

The cyberattack compromised multiple categories of sensitive patient information:

Personal Identifiers:

• Full names
• Home addresses
• Social Security numbers
• Dates of birth

Medical Information:

• Treatment details and procedures
• Diagnosis information
• Medical record numbers
• Radiology reports and imaging results

Insurance Data:

• Health insurance information
• Policy numbers
• Coverage details

The combination of personal, medical, and financial information makes this breach particularly concerning for identity theft and medical fraud risks. Social Security numbers paired with medical records create significant opportunities for cybercriminals to commit various forms of fraud.

The five-day window during which unauthorized access occurred suggests either delayed detection or challenges in containing the breach once discovered. Modern healthcare cybersecurity frameworks typically aim for much faster detection and response times.

What This Means for Patients

Patients affected by this breach face multiple risks:

Identity Theft: With names, addresses, dates of birth, and Social Security numbers exposed, patients are vulnerable to traditional identity theft schemes including fraudulent credit accounts and tax fraud.

Medical Identity Theft: Criminals may use stolen medical information to obtain healthcare services, prescription drugs, or file fraudulent insurance claims under patients' names.

Insurance Fraud: Health insurance information can be used to submit false claims or obtain medical services, potentially affecting patients' coverage limits and medical records.

Privacy Violations: Sensitive diagnosis and treatment information in wrong hands violates patient privacy and could lead to discrimination or personal embarrassment.

Financial Impact: Patients may face costs associated with credit monitoring, identity restoration services, and potential medical bills from fraudulent activity.

How to Protect Yourself

If you're affected by this breach, take these immediate steps:

Monitor Financial Accounts: Review bank statements, credit card bills, and insurance statements for unauthorized activity.

Check Credit Reports: Obtain free credit reports from all three bureaus and consider placing fraud alerts or credit freezes.

Watch Medical Records: Review explanation of benefits statements from insurance companies for services you didn't receive.

Monitor Medical Credit Reports: Check specialized medical credit reporting services for fraudulent medical accounts.

Stay Vigilant: Be suspicious of phishing emails, phone calls requesting personal information, or unexpected medical bills.

Document Everything: Keep records of all communications related to the breach and any suspicious activity.

Consider Identity Protection: Enroll in credit monitoring services, especially if offered by Northwest Radiologists as part of their breach response.

Prevention Lessons for Healthcare Providers

This incident offers critical lessons for healthcare organizations:

Network Segmentation: Isolating critical patient data systems can limit breach scope and impact.

Enhanced Monitoring: Advanced threat detection systems can identify unauthorized access faster than the five-day window seen here.

Access Controls: Implementing strong authentication and authorization controls reduces unauthorized network access risks.

Incident Response: Having tested response plans enables faster containment and reduces data exposure time.

Employee Training: Regular cybersecurity awareness training helps staff identify and report potential threats.

Vendor Management: Ensuring third-party partners maintain appropriate security standards protects shared data.

Regular Assessments: Conducting penetration testing and vulnerability assessments identifies weaknesses before criminals exploit them.

Healthcare providers must recognize that cybersecurity is not optional but essential for protecting patient trust and avoiding regulatory penalties. The average cost of healthcare data breaches continues rising, making prevention investments crucial.

As cyber threats evolve, healthcare organizations need comprehensive compliance strategies that address both technical safeguards and administrative procedures. This includes regular risk assessments, staff training, and incident response planning.

Protect your practice with AI-powered HIPAA compliance. Get started with HIPAA Agent.