Onsite Mammography breach exposes sensitive information of over 357k
Lusanda Molefe May 3, 2025 4:21:23 AM

Onsite Mammography, LLC, doing business as Onsite Women’s Health, a Massachusetts-based medical imaging service provider, has disclosed a significant data breach that compromised the sensitive personal and protected health information (PHI) of 357,265 individuals across the United States.
What happened
In October 2024, Onsite Mammography discovered unusual activity associated with one of its employees' email accounts. The company launched an investigation with third-party cybersecurity experts to determine the incident's nature and scope. The investigation revealed that an unauthorized third party had gained access to this single email account for a brief period between October 2 and October 4, 2024.
A comprehensive review concluded on February 21, 2025, identifying that the account contained PHI related to 357,265 individuals. The breach was publicly disclosed on April 22, 2025, via filings with the Maine and Texas Attorney General's Offices.
What's new
Onsite Mammography has begun notifying affected individuals via mail and has offered them 12 months of complimentary credit monitoring and identity protection services. The exposed information may include names in combination with one or more of the following: Social Security number, date of birth, driver’s license number, financial account information, credit card numbers, medical information (including mental and physical health conditions and care received), and health insurance information.
Several law firms, including Edelson Lechtzin LLP, Lynch Carpenter LLP, Levi & Korsinsky LLP, and Strauss Borrelli PLLC, have announced investigations into the breach. They are seeking to understand the extent of the compromise and explore potential legal remedies for affected individuals, including possible class action lawsuits.
Why it matters
The scale of this data breach, affecting over 357,000 individuals, and the sensitivity of the compromised information raise significant concerns about the security of patient data within the healthcare industry. The exposure of Social Security numbers, financial details, and extensive medical information puts the affected individuals at risk of identity theft, financial fraud, and other malicious activities.
What they're saying
Onsite Mammography stated that the unauthorized access was limited to a single employee's email account and that there is no evidence that any other systems within its network were accessed. The company also claims it has no reason to believe any information has been or will be misused as a result of this incident.
In an emailed statement to SecurityWeek, Onsite Mammography said, "Onsite Women’s Health identified unauthorized access to one employee’s email account as a result of a phishing email. The incident was limited in scope, and there is no evidence that the information has been misused. We took immediate action, engaged cybersecurity experts, notified law enforcement and notified affected individuals. We remain fully committed to safeguarding patient privacy and data security."
Looking ahead
Onsite Mammography has stated that it has implemented additional security measures to further minimize the risk of similar incidents. It has also notified law enforcement and is actively reviewing its data protection policies and procedures. Affected individuals are urged to remain vigilant for signs of identity theft or fraud by regularly reviewing their credit reports, account statements, and explanation of benefits forms. They are also advised to consider placing fraud alerts or credit freezes with the major credit reporting agencies and to take advantage of the free credit monitoring services offered by Onsite Mammography.
FAQs
What do credit monitoring services entail?
Tracking credit reports and alerting you to changes, helping detect fraud early.
What should affected individuals look out for?
Unfamiliar charges, suspicious communications, new unauthorized accounts, and changes in credit reports.
What is a phishing email?
A scam email that tries to trick you into giving away personal information via fake links or attachments.