Balance Diagnostics Data Breach
Balance Diagnostics Imaging Services Breach (2025): Patient SSN & Home Address Exposed
Diagnostics and imaging services provider.
Risk Interpretation
High risk of identity theft, medical fraud, and privacy harm. Test-related healthcare data can also support targeted scams exploiting health concerns or treatment status.
Impact & Downstream Threats
The institutional impact on Balance Diagnostics is meaningful given the practice's regional scale relative to the breach. Federal HIPAA notification obligations, an Office for Civil Rights review, attorney-general filings, and active class-action investigations are all underway. The Everest gang's release of the full dataset rather than holding it in private extortion creates direct evidence of broad data exposure and strengthens future litigation. Operationally, the practice continues to provid
- Identity theft and synthetic identity construction using government-issued IDs
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
Threat Vectors
Breach Intelligence
Executive Summary
Balance Diagnostics, a medical imaging provider based in Cedarhurst, New York, was attacked on May 6, 2025 by the Everest ransomware operation. Initial samples of stolen data appeared on Everest's dark-web leak page immediately after the incident. The full cache, containing approximately 31,000 records, was released publicly on June 18, 2025 after ransom demands went unmet.\n\nThe breach affected approximately 26,000 individuals based on the records indexed by breach-tracking services. Compromised fields included names, email addresses, phone numbers, home addresses, and Social Security numbers. As a medical imaging provider, the underlying records exfiltrated by the attackers also include diagnostic imaging studies, referring-physician details, billing records, and insurance information typical of an outpatient radiology operation.\n\nFor affected patients, the practical risk profile combines identity-fraud exposure with medical-imaging-specific risks. The combination of name, address, and Social Security number is a strong base for synthetic identity fraud and fraudulent credit applications. Inclusion in the dataset confirms a diagnostic-imaging relationship and likely identifies the referring physician, which can support medical-themed phishing referencing real imaging studies, results, or insurance disputes. Affected patients should freeze credit at all three U.S. bureaus, monitor health-insurance statements for unfamiliar imaging or diagnostic charges, and treat unsolicited contact referencing Balance Diagnostics, imaging studies, or referring physicians with caution.
About Balance Diagnostics
Balance Diagnostics is a U.S.-based medical imaging and diagnostics services provider, headquartered in Cedarhurst, New York. The company offers medical imaging services typical of a regional outpatient diagnostic provider, including radiology, ultrasound, and related testing services for referring physicians and patients. As a HIPAA-regulated healthcare provider, Balance Diagnostics maintains patient identity, contact, insurance, billing, and diagnostic-imaging records, alongside referral relationships with primary care and specialty practices across its service area. Patient relationships are typically transactional and tied to specific referrals rather than long-term care, which influences how the practice handles longitudinal records.
Why They Hold Your Data
Diagnostic and testing providers collect patient identity, contact, insurance, billing, appointment, and test-related medical records across clinical and administrative workflows.
Recent Developments
Balance Diagnostics was attacked on May 6, 2025 by the Everest ransomware gang. Initial data samples appeared on dark-web leak pages immediately after the incident, and the full dataset of approximately 31,000 records was released on June 18, 2025 after ransom demands went unmet. The practice has not publicly disclosed extensive operational detail about the incident as of this writing. The Everest gang has been an active extortion group throughout 2024 and 2025 with multiple healthcare-sector victims. Class-action investigations by U.S. plaintiff law firms followed the dataset release in mid-2025. HHS Office for Civil Rights review obligations apply.
Data Points Exposed
Exposure Categories
Canonical Fields
email_address, phone_number, physical_address:home, ssn
Dark Web Verification
- Dataset containing ~26K records identified in breach intelligence sources
- Data indexed and searchable across breach notification platforms
- Source: balance-diagnostics-2025
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of Balance Diagnostics
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam