Cyber Threat Alert: New Jersey Brain and Spine

March 26, 2022- New Jersey Brain and Spine notified current and former patients about a cybersecurity incident that compromised the personal information of 92,453 of its patients.  Its investigation into the security breach revealed the files impacted may have contained individual names, addresses, dates of birth, email addresses, telephone numbers, social security numbers, financial account information, debit or credit card information, driver’s license numbers or other ID numbers, and medical information of NJBS patients. On March 10, 2022, NJBS sent a letter to all persons whose data was compromised by the breach.

 What Happened?

 On November 16, 2021, NJBS detected unauthorized activity on its networks. Upon discovery, it activated its emergency operating protocols and hired independent computer forensic experts to investigate and determine what information may be at risk. The forensics investigation revealed that this incident that may have resulted in unauthorized access to patient information stored on NJBS’s systems

 What is NJBS Doing in Response to the Breach?

 According to the notice letter it sent to its patients, NJBS is implementing additional security controls to protect its network. NJBSs says that these steps will include enforcing stronger password requirements, enabling multifactor authentication, and additional data privacy and security awareness training for SSH’s workforce.

NJBS has not offered to provide its patients any identity theft protection services.

 Should You Be Concerned?

 If you received a data breach notice letter from NJBS, your personal data may have been seen by unauthorized cyber-criminals. Worse, the cyber-criminals may have removed your data from the company’s network so they can sell it on the Dark Web, leaving you vulnerable to credit card fraud, identify theft and a variety of scams.

Cybercriminals can pair the data with other available information to commit a broad range of fraud in a Class Member’s name, such as: obtaining employment; obtaining a loan; applying for credit cards or spending money; filing false tax returns; stealing Social Security and other government benefits; and applying for a driver’s license, birth certificate, or other public document.

Armed with personal information, cybercriminals can easily obtain tax returns or open fraudulent credit card accounts.  Social Security numbers can be used to create a false identification for someone who commits a crime, impairing the victim’s ability to gain employment or obtain a loan. It goes without saying that cybercrimes can have a significant negative financial impact on it victims, as well as cause severe emotional distress.

Victims of the breach can take a variety of measures to protect themselves as discussed below.

What You Should Do

 If you received a data breach notice letter from NJBS, you should take certain steps to safeguard your identify. We recommend the following:

  • Enroll in the free credit monitoring service provided by NJBS.
  • Get your free credit report from, and check for any accounts or charges you don’t recognize.
  • Check the monitoring application regularly to see if your data has been compromised or if your data is being used for fraudulent purposes;
  • Consider placing a free credit freeze.  A credit freeze makes it harder for someone to open an account in your name.
  • Try to file your taxes early, before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.
  • Don’t believe anyone who calls and says you’ll be arrested unless you pay for taxes or debt — even if they have part or all of your Social Security number, or they say they’re from the IRS.
  • Change your online passwords and security questions;
  • Regularly review your credit card and bank account statements for signs of suspicious activity;
  • Monitor your credit report for any unexpected changes that may be a sign of identity theft;
  • Contact one of the major credit bureaus to request they add a fraud alert to your profile; and
  • Immediately notify your banks and credit card companies if you identify any suspicious activity

What Else Should You Do?

Data breach victims may be able to seek compensation through a class action.  Class actions are frequently filed against companies that are breached. While these cases sometimes go to trial, most data breach class actions settle and provide a variety of benefits to class members.  These benefits may include additional years of credit and identity monitoring, compensation for time spent responding to the breach, reimbursement for any losses from fraud related to the breach or nominal damages.  If you want to learn more about data breach class actions and how you can participate in one against NJBS, you should contact a data breach attorney as soon as possible.

To register with us sign up below: