Central Kentucky Radiology Reports 166,953 Americans Affected by Cybersecurity Breach

A Kentucky-based health care firm, Central Kentucky Radiology (CKR), has disclosed a significant cybersecurity breach that has potentially compromised the personal information of 166,953 Americans. The incident, which occurred between October 16 and October 18, 2024, involved an unauthorized actor accessing and copying files from certain systems within the firm's environment. The breach was detected on October 18, 2024, prompting CKR to immediately secure its systems and launch an investigation into the nature and scope of the event.

The compromised data may include sensitive personal information such as names, Social Security numbers, addresses, dates of birth, dates of medical service, and medical services charges. CKR conducted a detailed review of the potentially impacted files and completed this review on May 7, 2025, confirming that the information of affected individuals was contained within the compromised files.

In response to the breach, CKR has taken several steps to address the incident and protect affected individuals. The firm is reviewing its security policies and procedures and implementing additional measures to prevent further breaches. CKR is also offering complimentary credit monitoring services to individuals whose Social Security numbers or payment card details may have been compromised. This proactive approach aims to mitigate the risks associated with the exposure of sensitive information and provide affected individuals with resources to protect their personal data.

The potential exposure of Social Security numbers is particularly concerning, as this information can be used to commit a wide range of fraudulent activities. Individuals whose Social Security numbers have been compromised are advised to monitor their credit reports and consider placing a fraud alert or credit freeze on their accounts to prevent unauthorized access and potential identity theft.

This incident underscores the ongoing vulnerability of health care systems to cyberattacks. Despite increasing awareness and investment in cybersecurity measures, health care organizations continue to be prime targets for hackers due to the valuable nature of the data they hold. The breach at CKR highlights the need for robust security protocols and continuous monitoring to protect patient information and maintain trust with clients.

Health care providers must prioritize cybersecurity to safeguard patient information and maintain trust with their clients. This includes implementing strong encryption, regular security audits, and employee training on best practices for data protection. By investing in advanced security technologies and fostering a culture of data protection, health care organizations can better safeguard patient information and mitigate the risks associated with cyberattacks.

In response to the breach, CKR has emphasized its commitment to transparency and accountability. The firm has pledged to work closely with law enforcement and regulatory authorities to address the incident and to take all necessary steps to protect the affected individuals. CKR has also expressed its regret for any inconvenience or concern caused by the breach and has assured the public that it is taking the matter seriously.

The incident serves as a reminder of the importance of data protection in the health care industry. As cyber threats continue to evolve, it is essential for health care providers to remain vigilant and proactive in their approach to cybersecurity. By prioritizing data protection and implementing robust security measures, health care organizations can better safeguard patient information and mitigate the risks associated with cyberattacks.