Greater Mental Health of New York 2025 Data Breach

Greater Mental Health of New York Behavioral Health Provider Breach (2025): 61K Patient & Employee Records Including SSN Exposed via Sinobi Ransomware | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

SinobiRansomware / ExtortionMedicalMental HealthEmail AddressFull NamePhysical AddressSocial Security Number
High SeverityWebsite / service breach

Greater Mental Health of New York Behavioral Health Provider Breach (2025): 61K Patient & Employee Records Including SSN Exposed via Sinobi Ransomware

Nonprofit mental health and social services provider.

Verified by ObscureIQ Intelligence
77/100Breach Risk Index
40Data Value
40Market Recency
220dSince Breach

Breach Intelligence Summary

Entity: Greater Mental Health of New York · Actor: Sinobi · Sources: 2 references
Attack: Ransomware / Extortion
Profile: Nonprofit · Behavioral health services · Community mental health organization · USA
Timeline: Breach (2025-10-20) · Indexed (Nov 30, 2025) · Year (2025)
Exposure: 61K records · 4 fields: Email Address, Full Name, Physical Address, Social Security Number
Status: Confirmed

Executive Summary

On or around October 20, 2025, Greater Mental Health of New York was listed by the Sinobi ransomware group on its dark-web leak site following a double-extortion attack. The confirmed circulating dataset includes client and employee names, home addresses, emails, and Social Security numbers; Sinobi's post also referenced financial documents. Reporting notes behavioral-health records of this type often include health insurance and diagnosis information, but medical/clinical fields were not independently confirmed in the circulating set. The breach is catalogued by DataBreach.com and ransomware trackers; approximately 61,198 individuals are recorded, a figure not yet officially confirmed.

ObscureIQ assessment: Extremely sensitive. Exposure can enable identity theft, benefits fraud, stigma-based targeting, extortion, and serious privacy harm tied to mental-health treatment status.

Breach Impact

Because the records tie individuals to a community mental-health provider, exposure of names, addresses, and Social Security numbers carries stigma and discrimination risk on top of identity-theft harm, affecting both clients and employees. The dark-web listing also referenced financial documents, and any exposure of mental-health treatment status would substantially deepen the harm. The breach undermines trust in a sensitive care setting.

About Greater Mental Health of New York

Greater Mental Health of New York is a nonprofit community behavioral-health and social-services provider serving the Hudson Valley region, formed through the merger of the Mental Health Association of Westchester and the Mental Health Association of Rockland. It delivers mental-health treatment, counseling, care coordination, and community support services, maintaining client identity, contact, benefits, and case-management records.

Why They Hold Your Data

Community mental-health organizations collect highly sensitive client identity, contact, treatment, counseling, benefits, and case-management records across behavioral-health services.

Recent Developments

Following the October 2025 Sinobi ransomware attack, which exposed employee and client data, the organization faced data-breach class-action investigations. Sinobi, a ransomware-as-a-service group that emerged in mid-2025 (linked to the Lynx/INC lineage), listed the organization on its dark-web leak site.

Data Points Exposed

4 verified field types
Email Address
Full Name High
Physical Address High
Social Security Number Critical

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:Critical
Primary downstream threats:
  • Stigma-based targeting and extortion tied to mental-health provider association
  • Identity theft and synthetic identity construction using SSN
  • Targeted phishing using exposed email addresses
  • Doxxing and physical targeting from exposed home addresses
  • Employee-directed social engineering and payroll/HR fraud
Threat vectors:
  • Stigma-based targeting & coercion
  • Full identity theft & synthetic identity fraud
  • Name-based social engineering
  • Phishing, credential stuffing & account takeover
  • Physical stalking, mail fraud & identity verification
  • Home targeting, stalking & physical threat

Threat Actor: Sinobi

Sinobi
Ransomware / Extortion

Attribution and method are based on available breach intelligence. Reported attack vector: Ransomware / Extortion.

Recommended Actions

If you believe your information may be included:

Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.

Frequently Asked Questions

What happened in the Greater Mental Health of New York breach?

On or around October 20, 2025, Greater Mental Health of New York was listed by the Sinobi ransomware group on its dark-web leak site following a double-extortion attack. The confirmed circulating dataset includes client and employee names, home addresses, emails, and Social Security numbers;…

What data was exposed?

Verified fields include Email Address, Full Name, Physical Address, Social Security Number.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
DataBreach.com
Record & field corroboration
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation