This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Spectrum Medical Imaging

Summary

Spectrum Medical Imaging, a Sydney-based independent radiology practice, suffered a ransomware attack by the INC Ransom group in January 2025. The attackers stole 149.7 gigabytes of data comprising almost 300,000 files, including patient scans, oncology information, and backups from the Liverpool practice. The complete dataset was published on the dark web after Spectrum initially indicated they were unaware of the incident.

What Happened

INC Ransom listed Spectrum Medical Imaging on their dark web blog in January 2025, claiming to have stolen 149.7 gigabytes of data and threatening to publish it within four days. Initially, Spectrum Medical Imaging stated they were unaware of the incident and had not been contacted by the ransomware group.

When the ransom demand went unmet, INC Ransom published the complete dataset, which comprised folders containing patient medical scans, oncology information, and several backup files from Spectrum's Liverpool practice location. The stolen data included patient names, dates of birth, contact details, and sensitive health information.

Impact on Individuals

The breach exposed highly sensitive medical information including:

  • Patient medical imaging and scans
  • Oncology information for cancer patients
  • Personal identifying information (names, dates of birth, contact details)
  • Health records and medical history

Medical imaging breaches are particularly serious as they can reveal sensitive diagnoses and health conditions. Cancer patients whose oncology information was exposed face additional privacy concerns regarding their medical status.

Organisational Response

Spectrum Medical Imaging began notifying affected patients in mid-February, after the data was publicly released. The notification process continued for months, with the practice still contacting patients three months after the initial attack. The company confirmed that an unauthorised third party had gained access to their IT systems and certain patient records, and began working to remediate the breach and notify all affected individuals. +++

Verification Source: View original statement