MBIL
Company Details
Linkedin ID:
mt.-baker-imaging-llc
Website:
Employees number:
55
Number of followers:
96
NAICS:
621
Industry Type:
Homepage:
mtbakerimaging.com
IP Addresses:
0
Company ID:
MT._1793822
Scan Status:
In-progress
MT. BAKER IMAGING, LLC Company CyberSecurity Posture
mtbakerimaging.com
Committed to delivering precision medicine tools to local providers, while delivering compassionate and comfortable care to our patients.
MT. BAKER IMAGING, LLC A.I CyberSecurity Scoring
MBIL Risk Score (AI oriented)Between 700 and 749
MBIL
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
MBIL Global Score (TPRM)XXXX
MBIL
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
MBIL Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Northwest Radiologists / Mt. Baker Imaging (MBI)
Breach
Rankiteo Explanation
Attack threatening the organization's existence
Description: In January 2024, hackers breached the systems of Northwest Radiologists / Mt. Baker Imaging (MBI), gaining unauthorized access to sensitive patient records of over 348,000 Washington residents. The compromised data included full names, Social Security numbers, diagnoses, treatments, addresses, driver’s license numbers, email addresses, phone numbers, and patient IDs. While the company claimed no evidence of misuse, the breach exposed highly sensitive medical and personally identifiable information (PII), posing long-term risks of identity theft, fraud, and emotional distress.The company delayed notifications for nearly 10 months, initially downplaying the incident as a 'computer network disruption' before admitting it was a data breach. A class-action lawsuit was filed in April 2024, alleging negligence and inadequate cybersecurity, violating state and federal laws. The breach’s scale and the nature of the stolen data including medical histories and financial identifiers heighten the severity, as such information is prime for exploitation in fraud, phishing, or blackmail. The company’s slow response and lack of transparency further exacerbated the fallout.
MBIL Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for MBIL
Incidents vs Medical Practices Industry Average (This Year)
No incidents recorded for MT. BAKER IMAGING, LLC in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for MT. BAKER IMAGING, LLC in 2026.
Incident Types MBIL vs Medical Practices Industry Avg (This Year)
No incidents recorded for MT. BAKER IMAGING, LLC in 2026.
Incident History — MBIL (X = Date, Y = Severity)
MBIL cyber incidents detection timeline including parent company and subsidiaries
MBIL Company Subsidiaries
Committed to delivering precision medicine tools to local providers, while delivering compassionate and comfortable care to our patients.
Loading...
MBIL Similar Companies
Hamad Medical Corporation
Hamad Medical Corporation (HMC) is the main provider of secondary and tertiary healthcare in Qatar and one of the leading hospital providers in the Middle East. For more than three decades, HMC has been dedicated to delivering the safest, most effective and compassionate care to all its patients.
.png)
MBIL CyberSecurity News
January 24, 2026 09:51 PM
Kataria calls for team to boost cybersecurity
Punjab Governor and UT Administrator Gulab Chand Kataria on Saturday stressed the need to create a dedicated and trained team to strengthen...
January 24, 2026 07:00 PM
🔒 What is a VPN Portal- Learn why VPN portals are important for online security #VPNPortal #VPNSecurity #FreeVPNRisks #ssl #vpn #VPNSafety #VPNDisadvantages #VPNAndroid #CyberSecurity #OnlineSafety
January 24, 2026 02:28 PM
Germany news: Berlin vows aggressive cybersecurity stance
Berlin promises to take down bad cyber actors and a new report prompts questions of whether police should carry Tasers to keep them from...
January 24, 2026 11:30 AM
AgweekTV Full Show: Disappearing topsoil, bull genetics, virtual fencing, cybersecurity in ag
Disappearing topsoil is a big problem for land and bottom line. Expert advice for picking the best bull genetics. Keeping cattle right where...
January 24, 2026 10:46 AM
2026 CISO AI Risk Report
Introduction. Many security leaders didn't authorize AI expansion. It happened around them. Someone plugged in a copilot in a SaaS tool or...
January 24, 2026 10:00 AM
National Cyber Security Summit: Cybersecurity a strategic business risk
It's been a busy time for New Zealand's National Cyber Security Centre as it takes an unprecedentedly proactive posture to cyber threats.
January 24, 2026 09:48 AM
Data Deletion: Why Erasing Your Information Matters More Than Ever
Data deletion is a great way to reduce your digital footprint and lower the risk of cybercrime – here's a guide to deleting your data...
January 24, 2026 09:08 AM
Why Cybersecurity Works Better When Defenders Share Data
This post is also available in: עברית (Hebrew). Organizations are increasingly expected to share data across corporate boundaries, yet cybersecurity risks...
January 24, 2026 08:32 AM
Why AI is exposing the limits of automated security decision-making
When cybercriminals are designing ways to deliver malware, hiding payloads within files remains one of the most common and, for them,...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
MBIL CyberSecurity History Information
Official Website of MT. BAKER IMAGING, LLC
The official website of MT. BAKER IMAGING, LLC is http://mtbakerimaging.com.
MT. BAKER IMAGING, LLC’s AI-Generated Cybersecurity Score
According to Rankiteo, MT. BAKER IMAGING, LLC’s AI-generated cybersecurity score is 700, reflecting their Moderate security posture.
How many security badges does MT. BAKER IMAGING, LLC’ have ?
According to Rankiteo, MT. BAKER IMAGING, LLC currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has MT. BAKER IMAGING, LLC been affected by any supply chain cyber incidents ?
According to Rankiteo, MT. BAKER IMAGING, LLC has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does MT. BAKER IMAGING, LLC have SOC 2 Type 1 certification ?
According to Rankiteo, MT. BAKER IMAGING, LLC is not certified under SOC 2 Type 1.
Does MT. BAKER IMAGING, LLC have SOC 2 Type 2 certification ?
According to Rankiteo, MT. BAKER IMAGING, LLC does not hold a SOC 2 Type 2 certification.
Does MT. BAKER IMAGING, LLC comply with GDPR ?
According to Rankiteo, MT. BAKER IMAGING, LLC is not listed as GDPR compliant.
Does MT. BAKER IMAGING, LLC have PCI DSS certification ?
According to Rankiteo, MT. BAKER IMAGING, LLC does not currently maintain PCI DSS compliance.
Does MT. BAKER IMAGING, LLC comply with HIPAA ?
According to Rankiteo, MT. BAKER IMAGING, LLC is not compliant with HIPAA regulations.
Does MT. BAKER IMAGING, LLC have ISO 27001 certification ?
According to Rankiteo,MT. BAKER IMAGING, LLC is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of MT. BAKER IMAGING, LLC
MT. BAKER IMAGING, LLC operates primarily in the Medical Practices industry.
Number of Employees at MT. BAKER IMAGING, LLC
MT. BAKER IMAGING, LLC employs approximately 55 people worldwide.
Subsidiaries Owned by MT. BAKER IMAGING, LLC
MT. BAKER IMAGING, LLC presently has no subsidiaries across any sectors.
MT. BAKER IMAGING, LLC’s LinkedIn Followers
MT. BAKER IMAGING, LLC’s official LinkedIn profile has approximately 96 followers.
NAICS Classification of MT. BAKER IMAGING, LLC
MT. BAKER IMAGING, LLC is classified under the NAICS code 621, which corresponds to Ambulatory Health Care Services.
MT. BAKER IMAGING, LLC’s Presence on Crunchbase
No, MT. BAKER IMAGING, LLC does not have a profile on Crunchbase.
MT. BAKER IMAGING, LLC’s Presence on LinkedIn
Yes, MT. BAKER IMAGING, LLC maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/mt.-baker-imaging-llc.
Cybersecurity Incidents Involving MT. BAKER IMAGING, LLC
As of January 24, 2026, Rankiteo reports that MT. BAKER IMAGING, LLC has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
MT. BAKER IMAGING, LLC has an estimated 9,110 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at MT. BAKER IMAGING, LLC ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does MT. BAKER IMAGING, LLC detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an incident response plan activated with yes (worked with fbi and third-party forensic specialists), and third party assistance with fbi, third party assistance with third-party forensic specialists, and law enforcement notified with yes (fbi involved), and recovery measures with review of impacted data and patient notification process, and communication strategy with delayed patient notification (letters sent oct. 31, 2023), incident response line (mon–fri, 9 am–9 pm et)..
Incident Details
Can you provide details on each incident ?
Title: Data Breach at Mt. Baker Imaging and Northwest Radiologists
Description: Hackers accessed sensitive patient records at Mt. Baker Imaging and Northwest Radiologists in January 2023, compromising data of over 348,000 Washington residents. The breach included personally identifiable information (PII) such as names, Social Security numbers, diagnoses, treatment details, addresses, driver’s license numbers, email addresses, phone numbers, and patient identification numbers. The company delayed notifying affected individuals and the state for nearly 10 months, citing an ongoing investigation. A class-action lawsuit was filed in April 2023, alleging negligence and inadequate security measures.
Date Detected: 2023-01-20
Date Publicly Disclosed: 2023-03-01
Type: Data Breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach MT.2802328110625
Data Compromised: First and last names, Social security numbers, Diagnosis and treatment information, Addresses, Driver’s license numbers, Email addresses, Phone numbers, Patient identification numbers
Operational Impact: Computer network disruption (Jan. 20–25, 2023)
Brand Reputation Impact: Significant (delayed disclosure, class-action lawsuit, media scrutiny)
Legal Liabilities: Class-action lawsuit filed (April 25, 2023) for alleged negligence and violation of state/federal laws
Identity Theft Risk: High (PII and sensitive medical data exposed)
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personally Identifiable Information (Pii), Protected Health Information (Phi) and .
Which entities were affected by each incident ?
Incident : Data Breach MT.2802328110625
Entity Name: Mt. Baker Imaging and Northwest Radiologists
Entity Type: Healthcare Provider
Industry: Diagnostic Imaging
Location: Whatcom County, Washington, USA
Size: 6 locations
Customers Affected: 348,000+ Washington residents
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach MT.2802328110625
Incident Response Plan Activated: Yes (worked with FBI and third-party forensic specialists)
Third Party Assistance: Fbi, Third-Party Forensic Specialists.
Law Enforcement Notified: Yes (FBI involved)
Recovery Measures: Review of impacted data and patient notification process
Communication Strategy: Delayed patient notification (letters sent Oct. 31, 2023), incident response line (Mon–Fri, 9 AM–9 PM ET)
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as Yes (worked with FBI and third-party forensic specialists).
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through FBI, Third-party forensic specialists, .
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach MT.2802328110625
Type of Data Compromised: Personally identifiable information (pii), Protected health information (phi)
Number of Records Exposed: 348,000+
Sensitivity of Data: High (includes SSNs, medical diagnoses, treatment details)
Data Exfiltration: Yes
Personally Identifiable Information: NamesSocial Security numbersAddressesDriver’s license numbersEmail addressesPhone numbersPatient IDsDiagnosis/treatment records
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Data Breach MT.2802328110625
Data Exfiltration: Yes (data breach confirmed)
How does the company recover data encrypted by ransomware ?
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through Review of impacted data and patient notification process.
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Breach MT.2802328110625
Regulations Violated: Washington State data breach notification law (delayed disclosure), Potential HIPAA violations (unauthorized access to PHI),
Legal Actions: Class-action lawsuit filed (April 25, 2023) in Whatcom County Superior Court
Regulatory Notifications: Washington State Office of the Attorney General (notified in July 2023, ~7 months after breach)
How does the company ensure compliance with regulatory requirements ?
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Class-action lawsuit filed (April 25, 2023) in Whatcom County Superior Court.
References
Where can I find more information about each incident ?
Incident : Data Breach MT.2802328110625
Source: Cascadia Daily News
Incident : Data Breach MT.2802328110625
Source: Washington State Office of the Attorney General (data breach report)
Incident : Data Breach MT.2802328110625
Source: Class-action lawsuit filing (Whatcom County Superior Court)
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Cascadia Daily News, and Source: Washington State Office of the Attorney General (data breach report), and Source: Class-action lawsuit filing (Whatcom County Superior Court).
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach MT.2802328110625
Investigation Status: Ongoing (as of October 2023, per delayed notification)
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Delayed patient notification (letters sent Oct. 31, 2023), incident response line (Mon–Fri and 9 AM–9 PM ET).
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach MT.2802328110625
Stakeholder Advisories: Patient notification letters (dated Oct. 31, 2023)
Customer Advisories: Incident response line (Mon–Fri, 9 AM–9 PM ET)
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Patient notification letters (dated Oct. 31, 2023), Incident response line (Mon–Fri and 9 AM–9 PM ET).
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach MT.2802328110625
High Value Targets: Patient records (PII/PHI)
Data Sold on Dark Web: Patient records (PII/PHI)
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach MT.2802328110625
Root Causes: Alleged negligence and inadequate cybersecurity measures (per lawsuit)
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Fbi, Third-Party Forensic Specialists, .
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2023-01-20.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2023-03-01.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were First and last names, Social Security numbers, Diagnosis and treatment information, Addresses, Driver’s license numbers, Email addresses, Phone numbers, Patient identification numbers and .
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was fbi, third-party forensic specialists, .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Phone numbers, Email addresses, Social Security numbers, Diagnosis and treatment information, First and last names, Driver’s license numbers, Patient identification numbers and Addresses.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 348.0K.
Regulatory Compliance
What was the most significant legal action taken for a regulatory violation ?
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Class-action lawsuit filed (April 25, 2023) in Whatcom County Superior Court.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Washington State Office of the Attorney General (data breach report), Cascadia Daily News and Class-action lawsuit filing (Whatcom County Superior Court).
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing (as of October 2023, per delayed notification).
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was Patient notification letters (dated Oct. 31, 2023), .
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued were an Incident response line (Mon–Fri and 9 AM–9 PM ET).
.png)
Latest Global CVEs (Not Company-Specific)
Description
Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template `login.twig` of versions 2.19.1 and below. The `username` value can be echoed back without proper contextual encoding when authentication fails. An attacker can execute script in the login page context. This issue has been fixed in version 2.19.2.
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Description
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the unsafe innerHTML property to render domain search results.
Description
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension during the save process. This allows an unauthenticated attacker to upload arbitrary PHP code by spoofing the MIME type as an image, leading to full system compromise.
Description
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.
Risk Information
cvss3
Base: 6.0
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
cvss4
Base: 6.0
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description
An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 is a broken cryptographic function, the hashes can be easily reversed using public tools, exposing user credentials in plaintext. This allows remote attackers to perform unauthorized logins and potentially gain access to sensitive POS operations or backend functions.
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=mt.-baker-imaging-llc' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
