Menu
Browse

Cyber Incident Victim: Greenbaum Rowe Smith and Davis

Date:

Nov 2025

Location:

United States of America

Summary

Greenbaum Rowe Smith and Davis discovered unauthorized access to its systems through a compromised user account and subsequently launched an investigation. The investigation concluded that protected health information of approximately 12,800 individuals was accessed, affecting patients of Atlantic Health System, Hackensack Meridian Health, and Trinitas Regional Medical Center. The firm notified affected individuals by mail, offered identity theft protection and a dedicated call center, and stated there is no evidence the data was misused, while also enhancing its cybersecurity measures.

CIA Posture Motives Tactics, Techniques & Procedures
Available to members 0 motives 0 techniques
Threat Actors Type Location
0 actors Available to members Available to members

Description

Greenbaum Rowe Smith and Davis discovered unauthorized access to its systems via a compromised user account on November 27, 2025. Upon learning of the incident, the law firm immediately reset its passwords, notified law enforcement, and launched an investigation to determine what had occurred and whose information was involved. The firm’s internal response included isolating affected accounts and preserving logs for forensic review. These actions were taken to contain the breach and begin the process of identifying the scope of the compromise. The investigation was conducted internally with assistance from external cybersecurity professionals as needed.

Cyber Incident Image

The investigation concluded on April 15, 2026, and determined that protected health information of certain individuals had been acquired by an unauthorized third party from the firm’s systems. According to a notice published May 18, 2026 by the U.S. Department of Health and Human Services Office for Civil Rights, the breach affected a total of 12,801 people. Greenbaum provides legal services to major hospitals and health systems, including Atlantic Health System, Hackensack Meridian Health, and Trinitas Regional Medical Center, and the incident may have impacted patients at all three organizations. The types of data exposed included names, addresses, Social Security numbers, and other personal information. No evidence was found that the stolen information had been published or misused following the breach.

Greenbaum began notifying impacted patients directly about the incident via mailed letters. To assist affected individuals, the firm established a dedicated call center reachable at 1-844-685-6447 and provided an online resource at https://response.idx.us/grsd/. Identity theft protection services were offered to those whose data was compromised, with enrollment required by September 29, 2026. Following the incident, Greenbaum stated that it had enhanced its cybersecurity measures to prevent future unauthorized access. A spokesperson for Hackensack Meridian Health expressed concern about the incident and confirmed that the health system remained in close contact with Greenbaum as it managed the response.

Sources
Sources available to members
1 source