Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Hackensack Meridian Health

Hackensack Meridian Health Vendor Cyber Rating & Cyber Score

hackensackmeridianhealth.org

Keep getting better.


HMH A.I CyberSecurity Scoring

HMH
Company Information
Website:http://www.hackensackmeridianhealth.org
Employees number:24,016
Number of followers:116,051
NAICS:62
Industry Type:Hospitals and Health Care
Homepage:hackensackmeridianhealth.org
HMH Risk Score (AI oriented)
Between 700 and 749
logo
HMHHospitals and Health Care
Updated:
09/07/2026
727/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
HMH Global Score (TPRM)
xxxx
logo
HMHHospitals and Health Care
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

HMH
HMHModerate
Current Score
727Ba (MODERATE)
01000
3 incidents
-61 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
727Before Incident
JUNE 2026
726Before Incident
MAY 2026
724Before Incident
APRIL 2026
724Before Incident
MARCH 2026
723Before Incident
FEBRUARY 2026
722Before Incident
JANUARY 2026
721Before Incident
DECEMBER 2025
720Before Incident
NOVEMBER 2025
779Before Incident
Breach
27 Nov 2025HMH
Trinitas Regional Medical Center, Greenbaum Rowe Smith and Davis, Hackensack Meridian Health and Atlantic Health System: New Jersey Cyber Attack May Have Exposed Patient Data

Cyberattack on New Jersey Law Firm Exposes Nearly 13,000 Patients’ Sensitive Data

718After Incident
CRITICAL-61
GREHACRWJTHE1783635866
Cyberattack on New Jersey Law Firm Exposes Nearly 13,000 Patients’ Sensitive Data A cyberattack on New Jersey-based law firm Greenbaum Rowe Smith and Davis compromised the protected health information (PHI) of 12,801 individuals, including patients from major healthcare providers. The breach, detected on November 27, 2025, involved unauthorized access to the firm’s systems via a compromised user account. Following the discovery, Greenbaum reset passwords, notified law enforcement, and launched an investigation, which concluded on April 15. The probe confirmed that an unauthorized third party accessed and acquired sensitive data, including names, addresses, Social Security numbers, dates of birth, medical records, and health insurance details. The breach was publicly listed on May 18 by the U.S. Department of Health and Human Services’ Office for Civil Rights, as required for incidents affecting 500 or more individuals. Greenbaum represents prominent healthcare systems, including Atlantic Health System, Hackensack Meridian Health, and Trinitas Regional Medical Center, and the breach may have impacted patients across all three. While there is no evidence the stolen data has been misused or published, affected individuals are being notified via mailed letters. Hackensack Meridian Health, the state’s largest healthcare provider, acknowledged the incident, emphasizing its concern for those affected. Though the breach did not occur on its own systems, the organization stated it is coordinating with Greenbaum on the response. In response to the attack, Greenbaum has strengthened its cybersecurity measures and is offering identity theft protection services and a dedicated call center for impacted individuals. Those affected can enroll in the services by September 29 via a provided hotline or website.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Protected health information (PHI) including names, addresses, Social Security numbers, dates of birth, medical records, and health insurance detailsSystems Affected: Law firm's systemsBrand Reputation Impact: Potential reputational damage to affected healthcare providers and the law firmIdentity Theft Risk: High (due to exposure of Social Security numbers and other PII)
DATA BREACH
NamesAddressesSocial Security numbersDates of birthMedical recordsHealth insurance detailsNumber Of Records Exposed: 12,801Sensitivity Of Data: High (PHI and PII)Data Exfiltration: YesPersonally Identifiable Information: Yes
OCTOBER 2025
779Before Incident
SEPTEMBER 2025
779Before Incident
AUGUST 2025
779Before Incident
DECEMBER 2019
781Before Incident
Cyber Attack
01 Dec 2019HMH
Hackensack Meridian Health

System Interruptions at Hackensack Meridian Health

764After Incident
HIGH-17
HAC3141523
Computers at the state's largest hospital network experienced interruptions for the majority of the week, according to Hackensack Meridian Health, which declared its "core clinical systems" to be operational once more. Officials from the network have remained mum on what caused the issues, but they did say that experts had been hired to investigate what occurred. The network claimed that as soon as they were made aware of the occurrence, they took quick protective action, including shutting down systems out of an abundance of caution and putting in place back-up protocols. The network stated that it was still striving to restore full operation even when core systems were reported back online.
IMPACT
core clinical systemsDowntime: majority of the weekOperational Impact: interruptions in core clinical systems
JUNE 1996
787Before Incident
Ransomware
16 Jun 1996HMH
Hackensack Meridian Health

Hackensack Meridian Health Ransomware Attack

697After Incident
CRITICAL-90
HAC2023201222
Hackensack Meridian Health (HMH) faced a proposed class action lawsuit over a December 2019 ransomware attack. Hackensack Meridian Health experienced on December 2, 2019 and the attack crippled the computer network used by the defendant’s 17 hospitals for two days. It left facilities under the HMH umbrella unable to reschedule non-emergency surgeries and doctors and nurses were locked out of patient records. HMH did not notified patients of the ransomware incident, nor did they reported the breach to the Department of Health and Human Services. Those responsible had gained access to portions of their computer systems and made certain files unreadable via encryption, holding hostage a critical portion of HMH’s network. It contained patient records and the case relays. The attack compromised names, demographic details, dates of birth, Social Security and driver’s license numbers, employment data, and medical information protected by the Health Insurance Portability and Accountability Act of 1996—HIPAA.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial Gain
IMPACT
NamesDemographic DetailsDates of BirthSocial Security NumbersDriver's License NumbersEmployment DataMedical InformationSystems Affected: Computer NetworkDowntime: 2 DaysUnable to Reschedule Non-Emergency SurgeriesDoctors and Nurses Locked Out of Patient RecordsProposed Class Action Lawsuit
DATA BREACH
Personally Identifiable InformationMedical InformationSensitivity Of Data: HighData Encryption: Yes

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for HMH ?
?
What was HMH's A.I Rankiteo Cyber Score in June 2026 ?
?
What was HMH's A.I Rankiteo Cyber Score in May 2026 ?
?
What was HMH's A.I Rankiteo Cyber Score in April 2026 ?
?
What was HMH's A.I Rankiteo Cyber Score in March 2026 ?
?
What was HMH's A.I Rankiteo Cyber Score in February 2026 ?
?
What was HMH's A.I Rankiteo Cyber Score in January 2026 ?
?
What was HMH's A.I Rankiteo Cyber Score in December 2025 ?
?
What was HMH's A.I Rankiteo Cyber Score in November 2025 ?
?
What was HMH's A.I Rankiteo Cyber Score in October 2025 ?
?
What was HMH's A.I Rankiteo Cyber Score in September 2025 ?
?
What was HMH's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on HMH's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with HMH ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view HMH's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?