Central Jersey Medical Center 2025 Data Breach

Central Jersey Medical Center FQHC Breach (2025): 131K Patient SSN & Home Address Records Exposed | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

SinobiMedicalEmail AddressFull NamePhone NumberPhysical AddressSocial Security Number
High SeverityWebsite / service breach

Central Jersey Medical Center FQHC Breach (2025): 131K Patient SSN & Home Address Records Exposed

Medical clinic or healthcare provider.

Verified by ObscureIQ Intelligence
79/100Breach Risk Index
30Data Value
40Market Recency
191dSince Breach

Breach Intelligence Summary

Entity: Central Jersey Medical Center · Actor: Sinobi · Sources: 2 references
Attack: Unknown
Profile: Healthcare Provider · Primary care, dental, and preventive health services · Federally Qualified Health Center · USA
Timeline: Breach (2025-10-10) · Indexed (Oct 18, 2025) · Year (2025)
Exposure: 131K records · 5 fields: Email Address, Full Name, Phone Number, Physical Address, Social Security Number
Status: Reported

Executive Summary

Central Jersey Medical Center, a Federally Qualified Health Center based in Perth Amboy, New Jersey, suffered a ransomware attack on August 25, 2025 in which an external threat actor accessed the medical center's dental servers' network and deployed ransomware to encrypt files. The Sinobi ransomware-as-a-service group claimed responsibility on October 10, 2025 by listing CJMC on its dark-web leak site and asserting it had exfiltrated approximately 930 gigabytes of data. CJMC posted a public notice on October 23, 2025 and began notifying affected individuals. The breach affected approximately 131,000 individuals based on records indexed by breach-tracking services. Compromised fields included names, dates of birth, addresses, telephone numbers, email addresses, race or ethnicity, Social Security numbers, dental record numbers, health insurance information, dental diagnoses, treatment history, and billing information. The breach was specifically limited to CJMC's dental servers' network; the general electronic medical record system, financial accounts, and payment information were not affected. As an FQHC providing primary, dental, and mental-health services in school-based health centers across Newark, the affected dental-records archive may include records for both adult patients and minors who received dental care through school-based programs. For affected patients, the practical risk profile is severe and combines identity-fraud exposure with healthcare-program and minor-specific risks. The combination of name, date of birth, address, and Social Security number is a strong base for synthetic identity fraud and fraudulent credit applications. Inclusion of race or ethnicity may support targeted discrimination-themed phishing or scams. Patients in school-based programs may have had records exposed for minor children, raising concerns about child-identity fraud that can go undetected for years. Affected patients and parents should freeze credit at all three U.S. bureaus including for any minor children who received dental services through CJMC, monitor health-insurance and Medicaid statements closely, and treat unsolicited contact referencing CJMC or related dental services with caution.

ObscureIQ assessment: Severe risk of identity theft, medical fraud, insurance abuse, and targeted scams exploiting care relationships. Community health settings may also involve vulnerable populations with heightened exposure.

Breach Impact

CJMC faces significant institutional exposure given its FQHC status and the size of the affected patient population. Federal HIPAA notification obligations, an active Office for Civil Rights review, federal grant-recipient compliance obligations, New Jersey attorney-general filings, and active class-action litigation discussions are all underway. The reputational impact is concentrated within underserved populations in Perth Amboy, Carteret, and Newark public schools where CJMC is often the only available local provider, making patient retention and trust unusually consequential. As an FQHC, CJMC operates with a limited cybersecurity budget and staffing relative to larger metropolitan hospitals, which is a known industry-wide vulnerability for community health centers. CJMC's confirmation that its general EMR system was not involved has helped contain the scope of disclosure obligations.

About Central Jersey Medical Center

Central Jersey Medical Center, Inc. (CJMC) is a Federally Qualified Health Center based in Perth Amboy, New Jersey, with additional locations in Newark and Carteret. Serving the region since 2001, CJMC provides primary, specialty, and dental care to medically underserved populations regardless of insurance status or ability to pay. The organization operates several school-based health centers in Newark public schools that offer dental, medical, and mental health services to both students and the broader community. As a HIPAA-regulated FQHC, CJMC maintains comprehensive patient identity, contact, insurance, billing, and clinical records across its primary, dental, and mental-health operations, alongside school-program records and Medicaid and Medicare identifiers used for federal-program billing.

Why They Hold Your Data

Federally Qualified Health Centers collect patient identity, contact, insurance, billing, appointment, and clinical records across primary, dental, and preventive care services.

Recent Developments

Central Jersey Medical Center experienced a ransomware attack on August 25, 2025 in which an external threat actor gained unauthorized access to its dental servers' network and deployed ransomware to encrypt files. The Sinobi ransomware-as-a-service group claimed responsibility on October 10, 2025 by listing CJMC on its dark-web leak site and asserting it had exfiltrated approximately 930 gigabytes of data. CJMC posted a public notice on its website on October 23, 2025 and began notifying affected individuals. The organization engaged outside cybersecurity experts, notified law enforcement, and reported the matter to state and federal regulators. Class-action investigations by U.S. plaintiff law firms began organizing in late October 2025. CJMC has stated that its general electronic medical record system was not involved, and that no financial accounts or payment information was affected.

Data Points Exposed

5 verified field types
Email Address
Full Name High
Phone Number
Physical Address High
Social Security Number Critical

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:Critical
Primary downstream threats:
  • Identity theft and synthetic identity construction using government-issued IDs
  • SIM swap attacks where phone numbers are present
  • Targeted phishing campaigns using exposed email addresses
  • Doxxing risk from physical address exposure
Threat vectors:
  • Phishing, credential stuffing & account takeover
  • Name-based social engineering
  • SIM swapping, vishing & SMS phishing
  • Physical stalking, mail fraud & identity verification
  • Home targeting, stalking & physical threat
  • Full identity theft & synthetic identity fraud

Threat Actor: Sinobi

Sinobi
Unknown

Attribution and method are based on available breach intelligence. Reported attack vector: Unknown.

Recommended Actions

If you believe your information may be included:

Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
IdentityTheft.gov
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Find 2FA settings
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.
IdentityTheft.govReport to FTC

Frequently Asked Questions

What happened in the Central Jersey Medical Center breach?

Central Jersey Medical Center, a Federally Qualified Health Center based in Perth Amboy, New Jersey, suffered a ransomware attack on August 25, 2025 in which an external threat actor accessed the medical center's dental servers' network and deployed ransomware to encrypt files. The Sinobi…

What data was exposed?

Verified fields include Email Address, Full Name, Phone Number, Physical Address, Social Security Number.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
DataBreach.com
Record & field corroboration
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation