Ransomware

SimonMed Imaging Medusa Ransomware Attack - 1.27M Patients

📅 2025-01-21 🦠 Medusa

Incident Details

Between January 21 and February 5, 2025, the Medusa ransomware group exfiltrated data from SimonMed Imaging, a large US radiology and medical imaging provider. Medusa claimed to have exfiltrated more than 212 GB of data and demanded a $1 million ransom by February 21, 2025. SimonMed is no longer listed on Medusa's leak site, suggesting a ransom payment. Approximately 1,270,000 patients were affected. Exposed data included names, addresses, dates of birth, service dates, provider details, medical records, diagnoses, treatment details, medication information, insurance details, and driver's license numbers.

Technical Details

Initial Attack Vector: SimonMed was alerted on January 27 by a vendor experiencing a security issue; suspicious activity was detected on SimonMed's own systems the following day, suggesting possible supply-chain or third-party initial access.

Malware Family: Medusa

Timeline

  1. 2025-01-21 Breach occurred
  2. 2025-04-01 Publicly disclosed
  3. 2025-04-01 Customers notified