Midjourney, the AI image generation company best known for producing pictures on demand, announced on Wednesday that it is opening a medical spa in San Francisco. Guests will be lowered into a tank of golden light while three hundred fifty-eight thousand ultrasonic transducers scan their bodies. The Register wrote it up. The underlying scanner technology is real — it’s a Caltech research project using hardware from Butterfly Network, the latter of whom Midjourney initially neglected to mention in its announcement and had to issue a press release on its own behalf. The company claims the scanner could prevent thirty percent of all deaths and fifty percent of healthcare costs, pending FDA approval, which it describes as the “next limit.”
The panel reads it not as a fraud but as a specific kind of pivot the industry has seen before. In 1994 there was a company called Imatron selling electron beam CT scanners to a chain of preventative scan centers called HealthCheck America. Drive in, get scanned, walk out with your calcium score. Same thirty-percent-of-deaths framing. The scan centers were everywhere by 1999. By 2005 most of them were closed, because insurance wouldn’t reimburse, the radiologists hated the false positives, and the company that made the scanners was acquired and broken up. The cycle takes about seven years to play out. The pieces in this round are the same.
The editorial center is a single distinction. Midjourney has spent four years optimizing models to produce outputs that look correct, which is a fundamentally different problem from medical imaging, where the image needs to correspond to the actual tissue inside the actual patient. A plausible-looking artifact in medical imaging is worse than a noisy one, because a radiologist might trust it. The company’s existing core competency — producing plausible images — is the worst possible skill to transfer into diagnostic medicine. Add to that a stated buildout of fifty thousand scanners by 2031 with capacity for a billion scans a month, a data governance posture that is currently the subject of multiple copyright suits, and an announcement that names neither the storage location nor the retention policy nor the training-use intent of the scans, and you have a company asking patients to trust it with the most intimate dataset that has ever been collected at scale. The breach announcement is already written. It just hasn’t been filed yet.
Topics
- Midjourney’s San Francisco medical spa: three hundred fifty-eight thousand ultrasonic transducers, the golden-light tank, the Caltech research origin
- The Butterfly Network hardware partnership Midjourney initially didn’t mention
- The thirty-percent-of-deaths and fifty-percent-of-healthcare-costs claims, and what an unqualified claim of that magnitude signals about how a company makes claims
- The Imatron / HealthCheck America 1994-to-2005 arc as the direct historical precedent
- The recurring “we’ve replaced the MRI” pitch across thirty years: open MRI in ‘98, 3T consumer systems in 2004, the portable MRI startups of 2011, Hyperfine’s fifteen-year actual-product journey
- The direct-to-consumer pivot as regulatory arbitrage — wellness as legal wrapper, the spa as customer acquisition surface and FDA-envelope workaround
- The plausible-versus-correct distinction at the core of the panel’s argument
- The dataset as the asset — what happens to a billion biometric scans tied to identities when a company is acquired, breached, or driven into bankruptcy
- The 23andMe precedent that came up: “founder cited it as a positive playbook; Legacy noted 23andMe is in bankruptcy and the dataset got sold
- The structural pattern of dotcom-era pivots into healthcare: companies whose core skill is a website or a model see healthcare as a giant addressable market with bad incumbents, and assume their core skill transfers. It never does.
Goat List Reasons referenced
- #14 — You can tell whether a goat has been debugged by looking at it.
- #41 — A goat will do practically anything to get more comfortable.
- #105 — You don’t need to mail anyone a core dump from a goat to fix a problem. The only time you would do this is to CAUSE a problem.
Source Article
Midjourney pivots from AI image generation to body scanning medical spa where patients bathe in ‘golden light’ — The Register, June 18, 2026. Reporting on Midjourney’s announcement of a medical-imaging spa in San Francisco using ultrasonic computational tomography scanners derived from Caltech research with hardware sourced from Butterfly Network, the company’s stated build-out target of fifty thousand scanners by 2031 and a billion scans a month, the claims of thirty percent reduction in all deaths and fifty percent reduction in healthcare costs, the FDA approval framing as the “next limit,” and the lack of any stated data governance posture covering storage, access, retention, or training-use of patient scan data.
Panel
- The Legacy Sysadmin
- The Paranoid CISO
- The Startup Founder
- The Goat Farmer’s Counsel
Transcript
Full episode transcript
HOST: Welcome back to Stake and Rope, from Goat Security. Today: Midjourney, the AI image generation company, announced on Wednesday that it’s opening a medical spa in San Francisco where guests will be lowered into a tank of golden light while three hundred fifty-eight thousand ultrasonic transducers scan their bodies. The Register wrote it up this week. The underlying technology is real — it’s a Caltech research project using hardware from Butterfly Network, which Midjourney initially neglected to mention in its announcement. The company claims it can prevent thirty percent of all deaths and fifty percent of healthcare costs, pending FDA approval, which they describe as the “next limit.” Joining me: the Founder, who I’m told has thoughts about pivots into new verticals. The Paranoid CISO, who I assume has already calculated how many body scans constitute a critical mass for adversary interest. The Legacy Sysadmin, who has seen medical imaging vendors promise to replace the MRI before. Goat Farmer’s here too.
HOST: Legacy, start us off. What does this remind you of?
LEGACY SYSADMIN: [sighs] It doesn’t remind me of anything. I lived it. In 1994 there was a company called Imatron selling electron beam CT as the replacement for conventional imaging. They had a deal with a chain of preventative scan centers — drive in, get scanned, walk out with your calcium score. The pitch was the same. We’re going to catch everything early. We’re going to prevent thirty, forty, fifty percent of deaths. The scan centers were everywhere by ‘99. By 2005 most of them were closed. Insurance wouldn’t reimburse, the radiologists hated the false positives, and the company that made the scanners was acquired and broken up.
FOUNDER: Okay but that’s exactly why this works now.
LEGACY SYSADMIN: Why does that work now.
FOUNDER: Direct to consumer. They’re not asking insurance. They’re not asking radiologists. They’re building a spa experience. The golden light pool? That’s the wedge. You don’t sell preventative imaging to insurance companies, you sell wellness to people with disposable income in San Francisco who already pay two hundred dollars for a cryotherapy session. The scan is the content. The spa is the distribution. This is the David Sinclair longevity-clinic playbook with better unit economics.
CISO: The scan is also the dataset.
FOUNDER: Right, and that’s the moat —
CISO: That’s not what I said.
HOST: CISO, walk us through it.
CISO: Midjourney’s announcement is silent on three things that should not be silent. Where the scans are stored. Who has access to them. And what they’re used for after the patient leaves. The company has said they want fifty thousand scanners deployed by 2031 with capacity for a billion scans a month. A billion full-body ultrasound tomography scans a month. That is the largest aggregated human imaging dataset that would have ever existed, by an order of magnitude. And it would be sitting at a company whose existing data governance posture is — let me be careful here — currently the subject of multiple copyright suits alleging they ingested the entire output of working artists without consent or attribution.
HOST: That’s the pattern, though. Hold on — Founder, before you respond. You’re going to say something about shipping fast and building in public. Let me push back on this one. The FDA approval gap isn’t a growth hack. It’s the entire regulatory premise of medical imaging. They’re proposing to operate scanners that produce MRI-quality output, with an explicit plan to expand diagnostic capability over time, and the strategy for that is “we’ll submit test results to the FDA.” That’s not shipping in public. That’s operating a medical device without clearance and calling the regulator a limit.
FOUNDER: Okay but —
HOST: And the security model is empty. Not weak — empty. They haven’t said one.
FOUNDER: Right, and that’s the bull case. [chuckles] No, hear me out. They’re shipping a v1 that’s deliberately non-diagnostic. “Body composition maps.” That’s outside the FDA’s diagnostic envelope. They’re using the spa as the legal wrapper. Same way 23andMe started — they couldn’t sell health insights so they sold ancestry, then they expanded into the health stuff once they had the dataset and the regulatory conversation. Regulatory arbitrage through consumer wellness framing. It’s not a bug, it’s the strategy.
LEGACY SYSADMIN: 23andMe is in bankruptcy.
FOUNDER: That’s a separate —
LEGACY SYSADMIN: And the dataset got sold.
GOAT FARMER: Yep.
HOST: Let’s stay on the imaging history for a minute. Legacy, you mentioned Imatron. There’s another one in here — the article notes Midjourney’s resolution is “on par with standard clinical MRIs but pales in comparison to more advanced designs.” This is a recurring pitch.
LEGACY SYSADMIN: Every five to seven years somebody announces they’ve replaced the MRI. In ‘98 it was open MRI. In 2004 it was 3T systems for the consumer market. In 2011 it was portable MRI startups, there were three of them, all venture-backed, all gone. Hyperfine actually made it to market with a real product and it took them fifteen years and they still don’t do what they originally pitched. The pattern is: the scanner works in a lab, the resolution number sounds competitive in the press release, and then it turns out the clinical workflow around the scanner — the radiologist reading it, the integration with the patient record, the false positive rate, the follow-up imaging required to clarify ambiguous findings — that’s where the cost lives and that’s what kills these.
CISO: And in this case the “AI pieces together MRI-like images” is doing enormous work in that sentence. The Caltech paper they’re borrowing from is real research. Ultrasound computational tomography is a real technique. But what Midjourney is adding is a generative reconstruction layer on top of it. They’re using AI to reconstruct images that look like MRIs.
HOST: Which is exactly the company’s existing core competency.
CISO: Which is exactly what concerns me. They have spent four years optimizing models to produce outputs that look correct. Not outputs that are correct. Outputs that look correct. That is a fundamentally different problem from medical imaging, where the image needs to correspond to the actual tissue inside the actual patient, and where a plausible-looking artifact is worse than a noisy one because a radiologist might trust it.
FOUNDER: [chuckles] Yeah but they’ll have the radiologist in the loop, right? Eventually they’ll partner with —
LEGACY SYSADMIN: They said the goal is a scan that takes a minute. Fifty thousand scanners. A billion scans a month. There aren’t enough radiologists in the world to read that. The whole point of the pitch is that there’s no radiologist.
GOAT FARMER:
Reason number 14. You can tell whether a goat has been debugged by looking at it.
HOST: Let me ask the structural question. CISO, you started to lay this out. The scan dataset itself. Walk us through the threat model, but start with the mundane case. Not the nation-state case. The boring breach case.
CISO: The boring case is sufficient. A spa in San Francisco, opening at the end of 2027, operated by a company that has not stated a data governance posture, collecting full-body ultrasound scans of paying customers. The scans are processed off-site — the article says “a massive cluster where thousands of computers split the task” — so the data leaves the spa. It transits some network. It lands somewhere. It’s stored somewhere. We don’t know where, we don’t know who can read it, we don’t know how long it’s retained, we don’t know whether scans get used to train future reconstruction models, we don’t know what happens when a customer asks for deletion, we don’t know what happens when Midjourney is acquired or goes bankrupt and the dataset becomes an asset of the bankruptcy estate.
CISO: That last one. That’s the 23andMe case. The dataset is the asset. The patient agreed to a scan; the patient did not agree to be a line item in a Chapter 11 filing six years later.
HOST: And the more advanced case?
CISO: [pause] I’ll be brief. Body composition data is intelligence. It identifies a person uniquely. It reveals medical conditions. It reveals pregnancy. It reveals prior surgeries, including ones the person hasn’t disclosed. A foreign service that gains read access to a billion scans tied to identities has built a biometric database that would have taken a national intelligence apparatus a decade to assemble through conventional means. The fact that the company collecting it has stated zero security commitments is the part that should concern you.
FOUNDER: Okay, that’s actually a great point for the marketing. Privacy-first imaging. They could partner with Signal, do an end-to-end encrypted scan pipeline, it becomes the differentiator —
LEGACY SYSADMIN: They could also just say what they’re doing now.
FOUNDER: Right, but the upside is —
LEGACY SYSADMIN: They haven’t. That’s the data point. The announcement went out, it’s been a week, the company has not issued clarification on storage, retention, or training use. Butterfly Network had to issue its own press release because Midjourney didn’t mention them. This is a company that does not write things down that it does not absolutely have to write down. That tells you the security posture.
HOST: Let me take one step back here, because I want to land this somewhere. The Caltech research is real. The Butterfly hardware is real. The fundamental scanner can do something. We’re not dealing with a fraud. We’re dealing with a real technology pivot from a company whose existing capabilities don’t include any of the things this pivot requires. Legacy, you’ve seen this pattern. What is it?
LEGACY SYSADMIN: [sighs] It’s the same pattern as the dotcom-era pivots into healthcare. Pets dot com tried to become a pet pharmacy. Webvan tried to become a same-day medical supply company. Companies whose core skill is a website or a model or a logistics network look at healthcare and see a giant addressable market with bad incumbents, and they think their core skill transfers. It never does. The reason healthcare has bad incumbents is that healthcare is a regulated, low-margin, liability-heavy business where you have to be right about the patient in front of you. None of those constraints are present in image generation. Midjourney is good at producing plausible images. That is the worst possible skill to transfer into diagnostic medicine, because in medicine the plausible image is the failure mode.
CISO: That’s well put.
HOST: Goat Farmer, anything?
GOAT FARMER:
Reason number 41. A goat will do practically anything to get more comfortable.
GOAT FARMER: A scanner that makes up an image when it doesn’t know what it’s looking at is worse than one that says it doesn’t know.
HOST: Let’s land the plane. Closing thoughts. Goat Farmer first.
GOAT FARMER:
Reason number 105. You don’t need to mail anyone a core dump from a goat to fix a problem. The only time you would do this is to CAUSE a problem.
GOAT FARMER: I don’t miss it.
FOUNDER: Look, I hear the room. I do. But I want to be honest about where I land on this. The pivot itself is bold. It might not work. Most pivots don’t. But the strategic instinct — find a regulated, high-margin vertical, attack it with a consumer wellness wedge, use the spa as both the customer acquisition surface and the legal wrapper, build the dataset on the way in — that’s a real playbook. The execution risk is enormous. The regulatory risk is enormous. The data governance risk is what the CISO said. But the founders are doing the thing where they bet the company on a non-obvious adjacency, and that’s the thing I respect even when I think they’re going to crater. I’d take the meeting.
CISO: I keep coming back to a single sentence in the announcement. They said the company “could avoid thirty percent of all deaths and fifty percent of all healthcare costs.” Not “with sufficient research.” Not “in a model where every patient has continuous imaging integrated with their care team.” Just — could. A company that makes a claim of that magnitude in a launch post, without qualification, has told you something important about how it makes claims. And what concerns me is that this is the same company that is, right now, asking patients to trust it with the most intimate dataset that has ever been collected at scale. The claims will continue. The dataset will continue to grow. And at some point someone will breach it, and the post-breach announcement will say that Midjourney takes the privacy of its customers very seriously. That announcement is already written. They just haven’t filed it yet.
LEGACY SYSADMIN: The Imatron scanners went into a chain called HealthCheck America. I drove past one of them in Walnut Creek for years after it closed — the building had the logo still on the awning, the parking lot was empty, and the equipment inside was being sold off in pieces because the company that bought Imatron didn’t want the consumer business. That’s where this ends. Not in scandal. Not in a breach, though there’ll be a breach. It ends in 2031 or 2032 with a quiet announcement that Midjourney Medical is winding down to focus on its core image generation business, and the spa in San Francisco becomes a Sweetgreen, and the scanners get sold to a research lab that uses them for the thing they were actually designed for. The dataset goes somewhere. Probably to a buyer. The customers find out from a press release.
HOST: A company that built its reputation on producing plausible images has decided the next market is the one where plausible isn’t good enough. We’ll see you next time.