A Kentucky-based health care firm says a major cybersecurity incident may have exposed the personal information of more than a hundred thousand Americans.
The latest records from the U.S. Department of Health and Human Services show that Central Kentucky Radiology (CKR) suffered a hacking/IT incident affecting 166,953 Americans.
-->In a notice, CKR says that an unknown attacker breached the firm’s systems, stealing patient data that may include names, Social Security numbers, addresses, dates of birth, dates of medical service and medical services charges.
“On October 18, 2024, CKR became aware of a network disruption in its environment. CKR immediately took steps to secure our systems and launched an investigation into the nature and scope of the event. The investigation determined that from October 16 to October 18, 2024, an unauthorized actor accessed and copied files from certain systems in its environment.
In response, CKR conducted a detailed review of the potentially impacted files to understand their content and to whom they relate. On May 7, 2025, CKR completed this review and determined that information related to you was contained in the potentially impacted files.”
CKR is a doctor-led radiology medical group offering diagnostic and interventional imaging services to hospitals, outpatient centers and physician offices.
In light of the event, CKR says it is reviewing its security policies and procedures as well as implementing additional measures to stifle further breaches. The firm is also offering complimentary credit monitoring services to individuals whose Social Security numbers or payment card details may have been compromised.
