Mt. Baker Imaging $3.3M Breach Settlement: 340K Patients Affected

A $3.3 million settlement is being distributed to resolve a class action lawsuit against Mt. Baker Imaging and Northwest Radiologists, two Washington State healthcare providers caught in a January 2025 ransomware attack that exposed the protected health information (PHI) of more than 340,000 patients. The case is a textbook example of a threat pattern that continues to grow across the U.S. healthcare sector: ransomware gangs targeting medical imaging providers and billing systems where sensitive patient data concentrates.

For patients affected, the settlement offers some financial remedy. But it also raises a broader question worth asking: what can individuals actually do to reduce their exposure when healthcare providers remain such persistent ransomware targets?

What Happened at Mt. Baker Imaging

Mt. Baker Imaging is a medical imaging provider operating in Washington State. It partners with Northwest Radiologists, a separate organization that interprets medical images on its behalf. The two entities share patient data as part of that workflow, which means a breach at one creates exposure through both.

In January 2025, a cyberattack was identified on the organizations' systems. Ransomware attacks on healthcare providers typically follow a familiar pattern: attackers gain access to internal networks, move laterally through systems, exfiltrate sensitive data, and then encrypt files to extort the victim. The breach affected upwards of 340,000 patients, and the resulting class action lawsuit alleged that the organizations failed to implement adequate security measures to protect patient information.

The $3.3 million settlement does not constitute an admission of wrongdoing, which is standard in class action resolutions of this type. Class members who submit valid claims by the August 19, 2026 deadline may be eligible for compensation.

Why Medical Imaging Providers Are High-Value Ransomware Targets

Medical imaging centers sit at an interesting intersection of clinical necessity and data sensitivity. They hold diagnostic images, referral records, billing information, insurance details, and full patient histories. Unlike a pharmacy or a GP's office, imaging centers also serve patients referred from multiple external providers, which means their databases can be exceptionally large and diverse.

Ransomware groups understand this. Healthcare was among the most targeted sectors for ransomware globally in recent years, and imaging providers specifically have appeared in multiple high-profile incidents. The combination of legacy software dependencies, complex vendor relationships (like the Mt. Baker and Northwest Radiologists arrangement), and the operational pressure to stay online at all costs makes these organizations attractive and vulnerable.

As ransomware continues to dominate healthcare cybersecurity threats, patients bear a disproportionate share of the long-term consequences, including identity theft risk, insurance fraud, and the exposure of sensitive diagnostic information that can affect employment or coverage decisions.

What This Means For You

If you received imaging services through Mt. Baker Imaging or Northwest Radiologists before or around January 2025, you may be a class member and eligible to file a claim. Check official settlement notices and court filings for eligibility criteria and submission instructions.

Beyond this specific settlement, the incident illustrates a hard truth: patients cannot control how a hospital or imaging center secures its internal network. The breach at Mt. Baker Imaging happened entirely within the provider's infrastructure. No action a patient takes on their own device or home network would have prevented it. That distinction matters when evaluating what personal security measures are actually useful.

What patients can control is their own behavior when interacting with healthcare portals and digital health services. These are separate concerns from a provider-side breach, but they are still worth addressing.

Privacy-first practices for managing your medical data online:

  • Use strong, unique passwords for every patient portal. Healthcare portals are increasingly targeted by credential stuffing attacks that exploit reused passwords from other breaches. A password manager makes this manageable.
  • Enable multi-factor authentication (MFA) wherever it is offered. Many patient portals now support MFA. Enabling it means a stolen password alone is not enough for an attacker to access your records.
  • Be cautious on public or shared Wi-Fi when accessing patient portals. On untrusted networks, your connection to a website can be observed by others on the same network. A VPN encrypts the traffic between your device and the VPN server, which reduces the risk of interception on that local network. This is a meaningful protection for portal logins specifically, but it is entirely separate from what happened in the Mt. Baker Imaging breach, which occurred on the provider's own internal systems.
  • Review your explanation of benefits (EOB) statements regularly. Fraudulent medical claims made using stolen PHI often appear in EOB statements before patients otherwise notice anything wrong.
  • Request your medical records periodically and review them for accuracy. Errors introduced by identity fraud or data manipulation can affect future care and insurance decisions. Many providers are required to provide records upon request, and reviewing them is a practical way to verify what information is on file.

Actionable Takeaways

The Mt. Baker Imaging settlement is a reminder that healthcare data breaches carry real financial and personal consequences, and that affected patients have legal recourse when organizations fail in their security obligations. If you believe you are a class member, look into the claim process before the August 2026 deadline.

More broadly, improving your own digital hygiene around healthcare portals is worthwhile independent of any single breach. Unique passwords, MFA, and caution on public networks all reduce your exposure in the ways you can actually influence. For the risks you cannot control, such as how a provider secures its internal network, staying informed about breaches that affect your records and monitoring your insurance and credit activity remains the most practical response.

Healthcare providers have a legal and ethical obligation to protect patient data. When they fall short, settlements like this one hold them accountable. But patient awareness is an equally important layer in the overall picture.