Cyber Incident Victim: Hawaii Radiologic Associates, Ltd.
Date:
Oct 2022
Location:
United States of America
Summary
Hawaii Radiologic Associates, Ltd. (HRA) experienced a cyberattack disrupting its operations as a radiology services provider. The organization confirmed unauthorized access to its systems, though specific impacts on patient data or clinical services were not publicly detailed. HRA initiated response protocols to secure its network and investigate the incident’s scope. The attack underscores broader cybersecurity risks facing healthcare entities handling sensitive medical information. No further details regarding attribution or remediation timelines were disclosed by the company.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 0 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Hawaii Radiologic Associates, Ltd. (HRA), a medical imaging provider serving multiple Hawaiian islands, experienced a cyber attack disrupting its operations on or around October 20, 2022. The incident forced HRA to take affected systems offline, leading to immediate service interruptions across its network of clinics. The company engaged third-party cybersecurity forensic experts to investigate the nature and scope of the breach while coordinating with law enforcement agencies. HRA did not publicly specify the attack vector or identify the threat actors involved. Internal teams worked to restore systems gradually, though the recovery process caused sustained operational challenges.
The attack significantly impacted patient care, resulting in canceled or rescheduled appointments for imaging services, including X-rays, MRIs, and CT scans. HRA notified patients about potential compromises to personal health information, though the extent of data exposure remained under investigation. A dedicated call center was established to address patient inquiries regarding appointment changes and privacy concerns. The company did not confirm whether ransomware was deployed or whether patient data was exfiltrated. Recovery efforts continued as of the latest public update, with no disclosed timeline for full restoration of services or completion of the forensic review.