- Today
- Holidays
- Birthdays
- Reminders
- Cities
- Atlanta
- Austin
- Baltimore
- Berwyn
- Beverly Hills
- Birmingham
- Boston
- Brooklyn
- Buffalo
- Charlotte
- Chicago
- Cincinnati
- Cleveland
- Columbus
- Dallas
- Denver
- Detroit
- Fort Worth
- Houston
- Indianapolis
- Knoxville
- Las Vegas
- Los Angeles
- Louisville
- Madison
- Memphis
- Miami
- Milwaukee
- Minneapolis
- Nashville
- New Orleans
- New York
- Omaha
- Orlando
- Philadelphia
- Phoenix
- Pittsburgh
- Portland
- Raleigh
- Richmond
- Rutherford
- Sacramento
- Salt Lake City
- San Antonio
- San Diego
- San Francisco
- San Jose
- Seattle
- Tampa
- Tucson
- Washington
Pennington Today
By the People, for the People
NJ Residents Can Claim Up to $5,000 After Capital Health Data Breach
Eligible individuals have until April 6 to file claims for cash payments and free credit monitoring.
Published on Feb. 9, 2026
Got story updates? Submit your updates here. ›
In a major cyberattack, Capital Health Systems fell victim to hackers in 2023, exposing sensitive personal data of patients and employees. As a result, a $4.5 million settlement has been reached, allowing affected New Jersey residents to claim between $100 and up to $5,000 in compensation. Eligible individuals have until April 6 to file claim forms to receive cash payments or sign up for free credit monitoring services.
Why it matters
This data breach highlights the growing threat of cyberattacks on healthcare providers and the importance of robust cybersecurity measures to protect sensitive patient information. The settlement provides affected individuals with some recourse and financial compensation for the exposure of their personal data.
The details
In November 2023, Capital Health Systems, which operates hospitals and medical facilities in New Jersey and Pennsylvania, suffered a two-week computer systems outage due to a cyberattack. The hacking group LockBit later claimed responsibility, stating they had stolen over 10 million files, including names, addresses, Social Security numbers, dates of birth, email addresses, and phone numbers of patients and employees. LockBit threatened to publicly release the data within two days unless Capital Health paid a ransom, though it's unclear if a ransom was paid.
- The cyberattack on Capital Health Systems occurred from November 11 to 26, 2023.
- On January 7, 2024, the LockBit hacking group claimed responsibility for the attack.
- The $4.5 million settlement agreement was first filed in August 2025.
- Eligible individuals have until April 6, 2026, to file claim forms for the settlement.
The players
Capital Health Systems
A healthcare provider that operates two hospitals, an outpatient site, and several doctors' offices in New Jersey and Pennsylvania.
LockBit
A notorious cybercrime group that claimed responsibility for the cyberattack on Capital Health Systems.
What’s next
Eligible individuals must file claim forms postmarked by April 6, 2026, to receive cash payments or sign up for free credit monitoring services.
The takeaway
This data breach settlement highlights the importance of healthcare providers prioritizing cybersecurity to protect patient and employee data, as well as the need for affected individuals to be proactive in claiming compensation and safeguarding their personal information in the aftermath of such incidents.
