New filings show that around June 25, 2024, the Radiological Society of North America (RSNA) detected unauthorized access to its network, resulting from a cybersecurity incident that potentially compromised "a limited number" of 1099 tax forms.
Data breach notification letters were sent to impacted parties on August 28 and redacted versions were publicly filed with the attorneys general of
Massachusetts and
Vermont.
"Upon learning of this issue, we immediately secured the environment and commenced a prompt and thorough investigation," the notifications state. "As part of our investigation, we have been working very closely with external cybersecurity professionals experienced in handling these types of incidents. After an extensive forensic investigation and manual document review, on July 26, 2024 we discovered that between June 20, 2024 and June 26, 2024, certain impacted files containing personal information may have been accessed and/or acquired by an unauthorized individual."
The notifications stress that there is currently no evidence that any of the compromised information has been used for identity theft or financial fraud.
To help protect against misuse of information, RSNA is offering identity theft protection services through IDX, a ZeroFox Company. IDX identity protection services include: months of credit and CyberScan monitoring, a $1,000,000 insurance reimbursement policy, and fully-managed ID theft recovery services.
Headquartered in Oakbrook, Illinois, RSNA is an association of radiologists, radiation oncologists, medical physicists, and related scientists. It provides members with educational resources, including continuing education credits and hosts the largest radiology conference in the world.
RSNA publishes six peer-reviewed journals on the topic of radiology, employs more than 349 people, and generates approximately $48 million in annual revenue.