Navesink Rehab falls victim to BLACKLOCK ransomware group

On June 3, 2025, the ransomware group known as BLACKLOCK publicly claimed responsibility for a cyberattack on Navesink Rehab, a multidisciplinary rehabilitation center based in Red Bank, New Jersey. The data breach was announced on the ransomware group's dark web leak site hosted on the Tor network.

According to BLACKLOCK, they successfully infiltrated Navesink Rehab’s systems, exfiltrated sensitive data, and threatened to publish the stolen information within six to seven days if their demands were not met.

While the exact number of affected individuals has not been disclosed, the nature of Navesink Rehab’s business suggests that both personally identifiable information (PII) and protected health information (PHI) may have been compromised. This could include patient names, addresses, dates of birth, medical records, insurance details, treatment histories, and other sensitive data.

BLACKLOCK’s method involved deploying ransomware, which typically encrypts files and renders them inaccessible until a ransom is paid. In this case, the group also exfiltrated data before making their demands public. As of the date of publishing, it is unclear whether any data has been released or if Navesink Rehab has responded to the ransom demand.

For individuals who may have been affected, it is important to remain vigilant. Monitoring financial accounts and health insurance statements for suspicious activity is recommended.

Patients should consider placing fraud alerts or credit freezes with major credit bureaus and be cautious of phishing attempts or unsolicited communications referencing their care at Navesink Rehab. If the organization offers identity theft protection or credit monitoring services, taking advantage of these resources is advisable.

Additional details, including official notices or resources for affected individuals, may become available on the Navesink Rehab website or on state attorneys general office websites as the situation develops.