Trinitas Regional Medical Center, Greenbaum Rowe Smith and Davis, Hackensack Meridian Health and Atlantic Health System: New Jersey Cyber Attack May Have Exposed Patient Data

Trinitas Regional Medical Center, Greenbaum Rowe Smith and Davis, Hackensack Meridian Health and Atlantic Health System: New Jersey Cyber Attack May Have Exposed Patient Data

Cyberattack on New Jersey Law Firm Exposes Nearly 13,000 Patients’ Sensitive Data

A cyberattack on New Jersey-based law firm Greenbaum Rowe Smith and Davis compromised the protected health information (PHI) of 12,801 individuals, including patients from major healthcare providers. The breach, detected on November 27, 2025, involved unauthorized access to the firm’s systems via a compromised user account.

Following the discovery, Greenbaum reset passwords, notified law enforcement, and launched an investigation, which concluded on April 15. The probe confirmed that an unauthorized third party accessed and acquired sensitive data, including names, addresses, Social Security numbers, dates of birth, medical records, and health insurance details. The breach was publicly listed on May 18 by the U.S. Department of Health and Human Services’ Office for Civil Rights, as required for incidents affecting 500 or more individuals.

Greenbaum represents prominent healthcare systems, including Atlantic Health System, Hackensack Meridian Health, and Trinitas Regional Medical Center, and the breach may have impacted patients across all three. While there is no evidence the stolen data has been misused or published, affected individuals are being notified via mailed letters.

Hackensack Meridian Health, the state’s largest healthcare provider, acknowledged the incident, emphasizing its concern for those affected. Though the breach did not occur on its own systems, the organization stated it is coordinating with Greenbaum on the response.

In response to the attack, Greenbaum has strengthened its cybersecurity measures and is offering identity theft protection services and a dedicated call center for impacted individuals. Those affected can enroll in the services by September 29 via a provided hotline or website.

Source: https://www.govtech.com/security/new-jersey-cyber-attack-may-have-exposed-patient-data

Greenbaum, Rowe, Smith & Davis LLP cybersecurity rating report: https://www.rankiteo.com/company/greenbaum-rowe-smith-&-davis-llp

Hackensack Meridian Health cybersecurity rating report: https://www.rankiteo.com/company/hackensackmeridianhealth

RWJBarnabas Health cybersecurity rating report: https://www.rankiteo.com/company/rwjbarnabashealth

Atlantic Group cybersecurity rating report: https://www.rankiteo.com/company/the-atlantic-group

"id": "GREHACRWJTHE1783635866",
"linkid": "greenbaum-rowe-smith-&-davis-llp, hackensackmeridianhealth, rwjbarnabashealth, the-atlantic-group",
"type": "Breach",
"date": "11/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '12,801 individuals',
                        'industry': 'Legal Services',
                        'location': 'New Jersey, USA',
                        'name': 'Greenbaum Rowe Smith and Davis',
                        'type': 'Law Firm'},
                       {'industry': 'Healthcare',
                        'location': 'New Jersey, USA',
                        'name': 'Atlantic Health System',
                        'type': 'Healthcare Provider'},
                       {'industry': 'Healthcare',
                        'location': 'New Jersey, USA',
                        'name': 'Hackensack Meridian Health',
                        'size': 'Largest healthcare provider in New Jersey',
                        'type': 'Healthcare Provider'},
                       {'industry': 'Healthcare',
                        'location': 'New Jersey, USA',
                        'name': 'Trinitas Regional Medical Center',
                        'type': 'Healthcare Provider'}],
 'attack_vector': 'Compromised user account',
 'customer_advisories': 'Mailed letters to affected individuals with '
                        'instructions for identity theft protection enrollment',
 'data_breach': {'data_exfiltration': 'Yes',
                 'number_of_records_exposed': '12,801',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High (PHI and PII)',
                 'type_of_data_compromised': ['Names',
                                              'Addresses',
                                              'Social Security numbers',
                                              'Dates of birth',
                                              'Medical records',
                                              'Health insurance details']},
 'date_detected': '2025-11-27',
 'date_publicly_disclosed': '2026-05-18',
 'date_resolved': '2026-04-15',
 'description': 'A cyberattack on New Jersey-based law firm Greenbaum Rowe '
                'Smith and Davis compromised the protected health information '
                '(PHI) of 12,801 individuals, including patients from major '
                'healthcare providers. The breach involved unauthorized access '
                'to the firm’s systems via a compromised user account.',
 'impact': {'brand_reputation_impact': 'Potential reputational damage to '
                                       'affected healthcare providers and the '
                                       'law firm',
            'data_compromised': 'Protected health information (PHI) including '
                                'names, addresses, Social Security numbers, '
                                'dates of birth, medical records, and health '
                                'insurance details',
            'identity_theft_risk': 'High (due to exposure of Social Security '
                                   'numbers and other PII)',
            'systems_affected': "Law firm's systems"},
 'investigation_status': 'Concluded',
 'post_incident_analysis': {'corrective_actions': 'Strengthened cybersecurity '
                                                  'measures, identity theft '
                                                  'protection services for '
                                                  'affected individuals',
                            'root_causes': 'Compromised user account'},
 'references': [{'source': 'U.S. Department of Health and Human Services’ '
                           'Office for Civil Rights'}],
 'regulatory_compliance': {'regulations_violated': ['HIPAA'],
                           'regulatory_notifications': 'Reported to U.S. '
                                                       'Department of Health '
                                                       'and Human Services’ '
                                                       'Office for Civil '
                                                       'Rights'},
 'response': {'communication_strategy': 'Mailed letters to affected '
                                        'individuals, public disclosure via '
                                        'HHS OCR',
              'containment_measures': 'Password reset for compromised accounts',
              'incident_response_plan_activated': 'Yes',
              'law_enforcement_notified': 'Yes',
              'recovery_measures': 'Offering identity theft protection '
                                   'services and dedicated call center for '
                                   'impacted individuals',
              'remediation_measures': 'Strengthened cybersecurity measures'},
 'stakeholder_advisories': 'Coordination with affected healthcare providers '
                           '(e.g., Hackensack Meridian Health)',
 'title': 'Cyberattack on New Jersey Law Firm Exposes Nearly 13,000 Patients’ '
          'Sensitive Data',
 'type': 'Data Breach'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.