The NJCCIC continues to receive reports of compromised email, communication, and social media accounts of New Jersey residents. Compromised accounts include Microsoft, Gmail, AOL, Discord, WhatsApp, Facebook, Instagram, and TikTok.
Following the February 28 US–Israeli strikes on Iranian infrastructure, Iran‑aligned and pro‑Palestinian hacktivist groups rapidly increased operations. The activity is high-volume, opportunistic, and propaganda‑driven, but poses real risk.
Monroe University disclosed a data breach affecting over 320,000 people. Threat actors gained unauthorized access to computer systems for two weeks in December 2024 and acquired copies of some files. A review of the files revealed stolen personal, financial, and health information.
Princeton University discovered a data breach exposing the personal information of alums, donors, faculty, staff members, and students. On November 10, threat actors targeted an employee in a phishing attack, compromising a database that contained biographical information...
Conduent Business Services, LLC (“Conduent”) is a third-party service provider for services related to printing and mailroom, document processing, payment integrity, government benefits, and other back-office support services. On January 13, Conduent discovered...
Modernizing Medicine, Inc. (ModMed) discovered unauthorized activity in certain computer servers used by its podiatry practice clients. Between July 9 and July 10, 2025, a threat actor accessed and copied sensitive information stored on these internal servers.
Central Jersey Medical Center, Inc. (CJMC) announced a data breach in which personally identifiable information and protected health information of certain patients may have been compromised. On August 25, 2025, a threat actor gained unauthorized access to the CJMC...
On or around May 5, 2025, The Institute of Culinary Education (“The Institute”) detected suspicious activity that initiated an investigation. The findings revealed that an unauthorized threat actor gained access to certain systems and copied files containing information relating to students.
The Cybersecurity and Infrastructure Security Agency (CISA) released this Alert to provide guidance in response to a widespread software supply chain compromise involving the world’s largest JavaScript registry, npmjs.com. A self-replicating worm—publicly known as Shai-Hulud...
FinWise Bank partners with American First Finance (AFF) to offer consumer financing products, including installment loans and lease-to-own programs. FinWise Bank, on behalf of AFF, disclosed a data breach involving a former employee who accessed sensitive data...
