NJ practice announces ransomware attack impacting 930 GB of data

Central Jersey Medical Center is notifying patients of a data breach that is linked to the ransomware group Sinobi. 

What happened

Central Jersey Medical Center (CJMC), which operates three centers in Perth Amboy, Carteret, and Newark, recently announced it had been the victim of a data breach. According to the notice posted on their website, an unauthorized party gained access to CJMC’s dental servers’ network on August 25th, 2025. 

Once the party accessed the network, they downloaded ransomware that encrypted files on CJMC’s network. Once CJMC discovered the attack, on or around October 13th, the practice immediately launched an investigation “to secure [their] network and determine the nature and scope of the activity.” 

Impacted data included demographic information (names, dates of birth, addresses, contact information), Social Security numbers, dental record numbers, health insurance information, dental diagnoses, treatment history, and/or billing information. 

The practice emphasized that their electronic medical record system was not involved in the incident, nor was financial information impacted. 

Going deeper

According to Beyond Machines, the attack was claimed by the Sinobi ransomware group. On their Tor leak site, the group claimed to have downloaded 930 GB of patient data. Ransom Live has reported that Sinobi currently has 111 victims, having promptly risen to prominence when the group first emerged in July of 2025. Sinobi has approximately 70 victims in the United States, and a few others scattered in countries like Argentina, France, and China. It’s currently unclear where the group may be based or if they have successfully received ransom payments. 

The big picture

On average, Sinobi has attacked 25 organizations each month, and still remains only one of many threat groups in existence. The frequency of attacks means that organizations should focus now more than ever on strengthening their cybersecurity measures. According to Paubox’s State of Cybersecurity report, it’s common for attacks to target poor security configurations or user vulnerabilities. With the right training and tools, however, both of these strategies can be rendered ineffective. 

FAQs

How did CJMC avoid having medical records breached? 

Some organizations keep certain records in different servers. This may be done for organizational purposes, but it can also make it harder for threat groups to infiltrate multiple systems. By having multiple networks, organizations may be able to better isolate events. 

Will CJMC pay a ransom?

CJMC has not specified what ransom was demanded or if they plan to negotiate. CJMC did state that they plan to strengthen their cybersecurity and are working with officials. It is generally not advised to pay ransoms, as it could result in being targeted again.