Community Health Action Data Breach Exposes PHI and PII of 60,000 Records

Community Health Action of Staten Island, a nonprofit organization dedicated to improving health outcomes for vulnerable populations in Staten Island, recently experienced a data breach involving both personally identifiable information (PII) and protected health information (PHI).

The breach was first made public on Feb. 13, 2026, when the GENESIS ransomware group claimed responsibility on a dark web forum, stating they had accessed and exfiltrated sensitive data from the organization’s systems. The attackers threatened to publish the data within five to six days if their demands were not met.

According to the threat actor, the stolen data includes medical databases with over 60,000 records of HIV-tested patients, personal data databases, HIPAA-related information, financial data of Sun River Health and its subsidiaries, contracts, non-disclosure agreements, tax data, government grant information, management and HR data, as well as files from company servers.

The breach was later disclosed to the Massachusetts Office of Consumer Affairs and Business Regulation on Feb. 24, 2026, with official notification indicating that at least two Massachusetts residents were affected.

According to the official disclosures, the types of consumer information exposed in this incident include: names, Social Security numbers, driver’s license numbers, non-driver identification card numbers, bank account and routing numbers, health insurance information, and medical information.

Community Health Action of Staten Island's response

Following the breach, Community Health Action of Staten Island have partnered with Experian to offer affected individuals a complimentary two-year membership to Experian IdentityWorks, which provides credit monitoring, identity theft detection, and dedicated support for identity restoration.

Individuals whose information was compromised are encouraged to enroll in the Experian IdentityWorks program as soon as possible. This service includes daily credit monitoring across all three major credit bureaus, access to credit reports, $1 million in identity theft insurance, and extended care support even after the membership expires.

Affected individuals should also remain vigilant by regularly reviewing their account statements and credit reports for any unauthorized activity.

The company has provided a dedicated call center at 844-443-1607 for questions and support.