Notice of Data Security Incident
Jewish Family Services of Central New Jersey (“JFS”) recently experienced a data security incident that may have resulted in unauthorized access to patient health information. This posting is intended to provide notice of the Incident, steps we are taking in response to the Incident, and resources available to help you protect against the potential misuse of information. At this time, we have not received any reports of related misuse of health information since the date of the Incident.
What Happened? On October 18, 2023, JFS was made aware of unauthorized activity within its e-mail environment. Upon discovery of the Incident, JFS engaged a specialized cybersecurity incident response vendor to conduct a forensic investigation to determine the root cause and scope of the Incident.
The forensic investigation produced evidence of unauthorized activity within a JFS employee’s e-mail account that potentially contains protected health information. Based on the results of the forensic investigation JFS has initiated a review of the data maintained in the compromised e-mail user account for purposes of notifying those individuals whose information was impacted by the incident.
Upon completion of its review, should JFS determine that protected health information was accessed by an unauthorized user, notice letters will be mailed to the affected individuals via First Class Mail along with an offer of complimentary credit monitoring and identity theft protection services.
Please note there is no evidence at this time that any personal information has been misused as a result of this incident.
What Information Was Involved? Based on the results of the forensic investigation, it appears patient information may have been impacted and potentially included: names, addresses, dates of birth, diagnoses, medication and health practitioner information, and Medicaid numbers.
What We Are Doing? Data privacy and security are among our agency’s highest priorities, and there are extensive measures in place to protect information in our care. Since the discovery of the Incident, JFS moved quickly to investigate, respond, and confirm the security of our systems.
What You Can Do: We encourage you to remain vigilant, monitor your accounts, and immediately report any suspicious activity or suspected misuse of your personal information. Again, at this time, we have not received any reports of related misuse of personal health information since the date of the Incident.
Other Important Information: We recognize that you may have questions not addressed in this notice. If you have additional questions, please call 1-833-510-0083, Monday through Friday, 9:00 A.M. to 5:00 P.M. Eastern Standard Time, except holidays. JFS sincerely regrets any inconvenience or concern that this matter may cause and remains dedicated to ensuring the privacy and security of all information in our control.