Ransomware Attack on Central Jersey Medical Center Exposes Patient Data
Central Jersey Medical Center, a federally qualified health center in Perth Amboy, New Jersey, reported a ransomware attack that occurred on August 25. The incident involved unauthorized access to the center's dental servers, where a threat actor deployed ransomware to encrypt files across the IT network. The medical center, which operates school-based health centers in Newark, initiated an investigation and took steps to secure its systems upon discovering the breach.
The compromised data includes sensitive personal and health information such as names, dates of birth, addresses, telephone numbers, email addresses, race or ethnicity, Social Security numbers, dental record numbers, and health insurance details. The center is notifying affected individuals and has posted a breach notice on its website, but the total number of impacted people has not been disclosed. The attack highlights ongoing risks to healthcare providers and the potential exposure of patient data in ransomware incidents.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
1 event from the most recent confirmed update back to the earliest known activity.
Federally qualified health center reports ransomware breach
A federally qualified health center disclosed a ransomware-related data breach affecting its environment. The available references provide no additional details on the incident timeline, victim impact, or response actions beyond the breach report itself.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Multiple Healthcare Data Breaches and Regulatory Actions in the US
Several healthcare providers in the United States have recently disclosed significant data breaches resulting from cyberattacks, with patient and employee information being compromised. AllerVie Health, based in Texas, confirmed unauthorized access to its network, exposing sensitive data such as names, Social Security numbers, and insurance details, allegedly due to a ransomware attack by the Anubis group. The attackers claim to have stolen records of over 30,000 patients, and affected individuals have been offered credit monitoring and identity theft protection. In a separate incident, OrthopedicsNY, a healthcare provider in New York, suffered a breach in 2023 after attackers gained remote access using compromised credentials, leading to the exposure of data belonging to more than 650,000 patients and employees. The New York Attorney General secured a $500,000 penalty from OrthopedicsNY for failing to implement adequate security measures, and the provider is now required to enhance its data protection practices. Additionally, Singing River Health System in Mississippi reported a cyber incident that led to the temporary shutdown of its patient portal and internet access as a precaution. While the threat was reportedly mitigated, the investigation is ongoing to determine if patient records were accessed. These incidents highlight the ongoing risks faced by healthcare organizations from ransomware groups and other cybercriminals, as well as the increasing regulatory scrutiny and financial penalties for failing to protect sensitive health information. Impacted organizations are responding with offers of credit monitoring and reviews of their security policies, but the breaches underscore the need for robust cybersecurity measures in the healthcare sector.
Mar 21, 2026
Healthcare Ransomware Attacks Expose Patient Data at Major Providers
Richmond Behavioral Health Authority (RBHA) and MedStar Health, two major healthcare providers in the Mid-Atlantic region, have disclosed significant ransomware incidents resulting in the exposure of sensitive patient data. RBHA reported that hackers gained unauthorized access to its systems on September 29, 2025, deploying ransomware that encrypted files containing personal and protected health information for up to 113,232 individuals. Although RBHA stated there was no definitive evidence of patient data being accessed, the organization is notifying all potentially affected individuals and has implemented enhanced security measures, including third-party monitoring and stronger data policies. MedStar Health, which operates hospitals and care sites across Maryland, Virginia, and Washington D.C., confirmed a separate ransomware attack attributed to the Rhysida group, which claims to have exfiltrated 3.7 terabytes of data, including over 7 million pieces of patient information. The breach, occurring between September 12 and 16, 2025, involved the compromise of names, dates of birth, Social Security numbers, and detailed patient care information. MedStar has begun notifying affected patients and is offering complimentary identity monitoring services to those whose most sensitive data was exposed. Both incidents highlight the ongoing threat of ransomware to healthcare organizations and the significant risks to patient privacy and data security.
Mar 21, 2026
Recent Data Breaches at U.S. Healthcare Providers
Multiple U.S. healthcare organizations have recently disclosed data breaches resulting from unauthorized access to sensitive patient information. Expert MRI, a radiology provider in California, reported that an attacker accessed its network between June and August 2025, exfiltrating data such as names, addresses, dates of birth, diagnoses, and, for some, Social Security numbers. The PEAR threat group claimed responsibility and briefly listed stolen data on its leak site, suggesting a ransom may have been paid. Revere Health in Utah experienced a breach of a third-party payment platform, potentially exposing patient names, dates of birth, addresses, medical record numbers, and partial Social Security numbers, though no evidence of misuse was found. Health Management Systems of America in Michigan disclosed a breach after an employee fell victim to a spear phishing attack, resulting in the unauthorized download of emails containing patient data. These incidents highlight the ongoing risks faced by healthcare organizations from both targeted ransomware groups and opportunistic phishing attacks. In response, affected providers have reported the breaches to regulators, enhanced their cybersecurity measures, and offered credit monitoring to impacted individuals. The number of affected patients varies by incident, with Revere Health reporting up to 10,800 impacted and Expert MRI yet to disclose a total. The breaches underscore the importance of robust security practices and employee awareness training to mitigate the risk of data compromise in the healthcare sector.
Mar 21, 2026