CentraState Medical Center Impacted by Data Breach
On or around February 10, 2023, CentraState Medical Center announced that a ransom ware attack paralyzed their Freehold facility. Around December 29, 2022, the company learned that a ransomware incident exposed sensitive and private information. An unknown actor was able to access the company’s health organization information, potentially leaving patient data vulnerable and 617,000 individuals at risk.
CentraState Medical Center (CSMC) is a New Jersey based non-profit organization that administers health and human services to women, children, and families throughout Monmouth County New Jersey. In late December, CSMC learned of a ransomware incident targeting its servers, but has not elaborated on this discovery. CSMC immediately engaged in an investigation, uncovering that an unauthorized actor had gain access to its systems around December 29, 2022 and at least 12 days following the attack, but CSMC did not start notifying health organizations until February 2023. Patients remained unaware for a significant period of time before hearing news of the data breach. This could have potentially left many individuals affected by fraud unaware of a likely reason.
Patient information such as names, addresses, dates of birth, Social Security numbers, health insurance information, medical records, patient account numbers and potentially much more has been exposed.
If you received a letter from CentraState Medical Center indicating that your information was involved in a data breach, fill out the this form to participate in Shub Law’s investigation.