Vital Imaging: Notice of Security Incident

Vital Imaging: Notice of Security Incident

Last Updated: August 22, 2025

Vital Imaging prioritizes the privacy and security of your information. This notice serves to inform you of a recent data security incident that resulted in the unauthorized acquisition of protected health information (PHI) and/or personally identifiable information (PII).

While our investigation remains ongoing, Vital Imaging believes it’s important to keep our community informed so individuals may take precautionary steps to protect their information.

What happened?

On February 13, 2025, Vital Imaging experienced a security incident that resulted in the unauthorized activity in its network. Upon learning of the incident, Vital Imaging engaged cybersecurity specialists to assist with the investigation, which remains ongoing. Vital Imaging also retained an independent data mining team to assist with the investigation, identify the types of data involved, and determine data ownership to facilitate appropriate notifications. As of July 16, 2025, the investigation has progressed to a stage where there is a reasonable belief that certain PHI and/or PII was accessed and acquired.

What information was involved?

At this stage in the investigation, it is too early to tell what specific information was involved. However, we believe that information affected by the incident may include medical information, insurance information, and demographic information (e.g., contact information, date of birth).

What is Vital Imaging doing?

We reported the incident to law enforcement and notified the Department of Health and Human Services of the security incident. We are also working with cybersecurity specialists to investigate the incident.

What can you do now?

As a general matter, one should remain vigilant by reviewing your explanation of benefits forms for suspicious activity and to detect errors.

• Be on the lookout and regularly monitor your explanation of benefits statements from your health plan and health care providers, as well as financial documents to check for any unfamiliar activity.
• If you notice any health care services you did not receive listed on an explanation of benefits statement, contact your health plan or doctor.
• If you notice any suspicious activity on bank, credit card statements or tax returns, contact your financial institution.
• If you believe you are the victim of a crime, contact local law enforcement authorities and file a police report.

Frequently Asked Questions

What types of data were affected?

The investigation remains on going. When we learn what information was involved, and to whom the information belongs to, affected individuals will receive a notice letter (or will otherwise be notified in accordance with law).

How will I be notified?

Vital Imaging will mail legal notices via United States Postal Services to affected individuals’ last known address.

What can I do to protect my information? 

As a general matter, one should remain vigilant by reviewing your credit reports, financial account statements, and explanation of benefits forms for suspicious activity and to detect errors. Some best security practices to safeguard your information to may include:

• implementation of multifactor authentication on your online accounts;
• avoidance of reuse of the same password or old passwords across accounts;
• use of strong passwords with a at least 8 characters (e.g., combination numbers; capitalized and lowercase letters, and symbols);
• keep your devices and software up to date with the latest security patches; and
• stay alert and keep an eye out for email phishing tactics and stay vigilant against suspicious communications.

Did you notify law enforcement?

Yes, and we notified the Department of Health and Human Services.

The contents of this page is subject to change, as the data review process remains ongoing. Vital Imaging reserves the right to update this page as needed.