Greenbaum Rowe Smith & Davis

Greenbaum Rowe Smith and Davis LLP (“Greenbaum”) recently experienced a cybersecurity incident that affected certain protected health information of certain of its healthcare provider customers’ patients. Greenbaum provides legal services to certain healthcare providers, such as hospitals and health systems, including Atlantic Health System.

This notice explains what happened and the steps Greenbaum has taken to address this issue. Although Greenbaum has no reason to believe that any misuse of this information has occurred or will occur, as a precaution, it is providing information about steps individuals can take to help protect their personal information.

What Happened

In connection with its representation of healthcare providers, Greenbaum, under appropriate legal, contractual and consent laws, has access to certain patient information of those healthcare providers. On November 27, 2025, Greenbaum personnel discovered unauthorized access to its systems via a compromised user account. Upon discovery, Greenbaum immediately took steps to contain the intrusion and launched a comprehensive investigation with the assistance of external cybersecurity experts to determine the cause and scope of the incident. Greenbaum also took immediate measures to secure its environment, including password resets, replacing compromised machines, and notifying law enforcement.

Greenbaum’s investigation ultimately determined that during this incident, which occurred between November 25, 2025 and November 27, 2025, certain information was acquired by an unauthorized third party from Greenbaum’s systems. Greenbaum undertook an extensive analysis of the affected information to determine whether individually identifying data may have been involved, which took several months. Thereafter, Greenbaum identified the protected health information of certain individuals in the affected data that was acquired by the unauthorized third party. This review required a detailed analysis of affected files to identify individuals whose information may have been involved.

What Information Was Involved

This information included those individuals’ name, address, and health information, including one or more of the following: Medical Record Number; Account Number; Diagnosis; Clinical Information; Medical History/Treatment/Procedure; Provider; Dates of Service; Medical Cost; and/or Health Insurance Information. For a subset of individuals, their Social Security Numbers and/or dates of birth may have been included. While Greenbaum believes any risk of harm is unlikely because there is no evidence that the information was published or misused, Greenbaum is currently notifying those individuals at their last known addresses in accordance with applicable regulations. At this time, Greenbaum is not aware of any identity theft or fraud related to the use of any affected individual’s information.

What Greenbaum Is Doing

As discussed above, upon learning of the incident, Greenbaum immediately investigated the incident, blocked further unauthorized activity, contained the incident, and notified law enforcement. Greenbaum also enhanced its cybersecurity by adding additional monitoring and detection tools as safeguards against future cyber threats. In addition, Greenbaum is offering affected individuals identity theft protection services through IDX.

What Affected Individuals Can Do

Although Greenbaum has no evidence that any affected individual’s information has been subject to identity theft or fraud, Greenbaum encourages individuals to remain vigilant against incidents of identity theft and fraud, review account statements, and monitor their free credit reports for suspicious activity and to detect errors.

Individuals can contact IDX with any questions by calling 1-844-685-6447. IDX representatives are available Monday through Friday from 9 am – 9 pm Eastern Time, excluding holidays.

More Information

Greenbaum is committed to data protection. Greenbaum regularly reviews its physical and electronic safeguards to protect personal information, and it will continue to take appropriate steps to safeguard personal information and its systems.