- Today
- Holidays
- Birthdays
- Reminders
- Cities
- Atlanta
- Austin
- Baltimore
- Berwyn
- Beverly Hills
- Birmingham
- Boston
- Brooklyn
- Buffalo
- Charlotte
- Chicago
- Cincinnati
- Cleveland
- Columbus
- Dallas
- Denver
- Detroit
- Fort Worth
- Houston
- Indianapolis
- Knoxville
- Las Vegas
- Los Angeles
- Louisville
- Madison
- Memphis
- Miami
- Milwaukee
- Minneapolis
- Nashville
- New Orleans
- New York
- Omaha
- Orlando
- Philadelphia
- Phoenix
- Pittsburgh
- Portland
- Raleigh
- Richmond
- Rutherford
- Sacramento
- Salt Lake City
- San Antonio
- San Diego
- San Francisco
- San Jose
- Seattle
- Tampa
- Tucson
- Washington
Pennington Today
By the People, for the People
NJ Residents Can Claim Up to $5,000 After Capital Health Data Breach
Eligible individuals have until April 6 to file claims for documented losses or a flat $100 payment.
Published on Feb. 9, 2026
Got story updates? Submit your updates here. ›
In a major cyberattack, Capital Health Systems fell victim to hackers in 2023, exposing sensitive personal data of patients and employees. As a result, a $4.5 million settlement has been reached, allowing eligible New Jersey residents to claim between $100 and up to $5,000 in compensation. Claimants have until April 6 to submit their forms and supporting documentation.
Why it matters
This data breach highlights the growing threat of cyberattacks on healthcare providers and the importance of robust cybersecurity measures to protect sensitive patient information. The settlement provides affected individuals a chance to recoup losses and access free credit monitoring, though some may choose to opt-out and pursue individual legal action.
The details
The cyberattack on Capital Health Systems was claimed by the LockBit hacking group, which threatened to publicly release the stolen data, including names, addresses, Social Security numbers, dates of birth, email addresses, and phone numbers. The breach impacted not only patients, but also former patients and Capital Health employees. While the settlement does not disclose whether a ransom was paid, it provides a path for affected individuals to seek compensation for documented losses related to the incident.
- The cyberattack on Capital Health Systems occurred from November 11 to 26, 2023.
- On January 7, 2024, the LockBit hacking group claimed responsibility for the attack.
- The $4.5 million settlement agreement was first filed in August 2025.
- Claim forms must be postmarked by April 6, 2026 to qualify for payment and free credit monitoring.
The players
Capital Health Systems
A healthcare provider operating two hospitals and an outpatient site in New Jersey, as well as several doctors' offices in New Jersey and Pennsylvania.
LockBit
A notorious cybercrime group that claimed responsibility for the cyberattack on Capital Health Systems.
What’s next
The judge will decide on March 9, 2026 whether to approve the $4.5 million settlement agreement.
The takeaway
The Capital Health data breach serves as a reminder for healthcare organizations to prioritize cybersecurity and protect patient data, while also highlighting the need for affected individuals to be vigilant in monitoring their personal information and taking advantage of available compensation and credit monitoring services.
