{
	"id": "7cac27b0-10d1-42d3-b23c-0cca361d2d2e",
	"created_at": "2026-04-06T00:07:32.194657Z",
	"updated_at": "2026-04-10T03:21:06.210153Z",
	"deleted_at": null,
	"sha1_hash": "b7ed10aacd0e181365edab404727b928051894df",
	"title": "University Hospital New Jersey hit by SunCrypt ransomware, data leaked",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 1145493,
	"plain_text": "University Hospital New Jersey hit by SunCrypt ransomware, data\r\nleaked\r\nBy Ax Sharma\r\nPublished: 2020-09-16 · Archived: 2026-04-05 22:44:58 UTC\r\nUniversity Hospital New Jersey (UHNJ) has suffered a massive 48,000 document data breach after a ransomware operation\r\nleaked their stolen data.\r\nEstablished in 1994, the University Hospital is a New Jersey state-owned teaching hospital that provides medical care to\r\nresidents.\r\nThe hospital runs on a $626 million budget and has over 3,500 employees, 519 licensed beds, and over 172,000 annual\r\noutpatient visits.\r\nhttps://www.bleepingcomputer.com/news/security/university-hospital-new-jersey-hit-by-suncrypt-ransomware-data-leaked/\r\nPage 1 of 5\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/university-hospital-new-jersey-hit-by-suncrypt-ransomware-data-leaked/\r\nPage 2 of 5\n\nVisit Advertiser websiteGO TO PAGE\r\nSensitive info leaked after a ransomware attack\r\nThe SunCrypt ransomware operation has leaked data allegedly stolen from UHNJ in a September ransomware attack.\r\nSunCrypt is a ransomware operation that began its activities in October 2019 but was not very active. Over the past few\r\nmonths, they have become much more active since releasing a dedicated leak site.\r\nWhile BleepingComputer has not corroborated all of the attacker's claims, the data seen by BleepingComputer does appear\r\nto belong to UHNJ.\r\nOf the 240 GB of data allegedly stolen from University Hospital New Jersey, the attackers have leaked a 1.7 GB archive\r\ncontaining over 48,000 documents.\r\nAlleged data leak for University Hospital New Jersey\r\nThis data leak includes patient information release authorization forms, copies of driving licenses, Social Security Numbers\r\n(SSNs), date of birth (DOB), and records about the Board of Directors.\r\nUHNJ Data leak\r\nShown below is a partial image of one such record leaked in the dump, with PII redacted:\r\nhttps://www.bleepingcomputer.com/news/security/university-hospital-new-jersey-hit-by-suncrypt-ransomware-data-leaked/\r\nPage 3 of 5\n\nAn example patient information release form\r\nIf you have first-hand information about this or other unreported cyberattacks, you can confidentially contact us on Signal\r\nat +16469613731.\r\nEmployee infected with TrickBot prior to the attack\r\nA source in the cybersecurity industry has told BleepingComputer that an employee of UHNJ was infected with the\r\nTrickBot trojan at the end of August.\r\nWhen a computer is infected with TrickBot, it usually leads to a full compromise of the network with ransomware\r\neventually being deployed.\r\nTrickBot has historically been known to lead to Ryuk ransomware attacks and an occasional Maze ransomware attack. Now\r\nTrickBot is predominately pushing the Conti ransomware. \r\nWhile Maze denies any affiliation with SunCrypt, the SunCrypt ransomware operators have told BleepingComputer that\r\nthey are part of the Maze Cartel.\r\nFurthermore, when infecting a victim, SunCrypt will connect to an IP address previously associated with Maze infections.\r\nThe SunCrypt operators may have also partnered with TrickBot to provide access to compromised networks, such as the\r\nnetwork of UHNJ.\r\nBleepingComputer has reached out to UHNJ multiple times but did not receive a response to our emails and calls.\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nhttps://www.bleepingcomputer.com/news/security/university-hospital-new-jersey-hit-by-suncrypt-ransomware-data-leaked/\r\nPage 4 of 5\n\nSource: https://www.bleepingcomputer.com/news/security/university-hospital-new-jersey-hit-by-suncrypt-ransomware-data-leaked/\r\nhttps://www.bleepingcomputer.com/news/security/university-hospital-new-jersey-hit-by-suncrypt-ransomware-data-leaked/\r\nPage 5 of 5",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/university-hospital-new-jersey-hit-by-suncrypt-ransomware-data-leaked/"
	],
	"report_names": [
		"university-hospital-new-jersey-hit-by-suncrypt-ransomware-data-leaked"
	],
	"threat_actors": [],
	"ts_created_at": 1775434052,
	"ts_updated_at": 1775791266,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/b7ed10aacd0e181365edab404727b928051894df.pdf",
		"text": "https://archive.orkl.eu/b7ed10aacd0e181365edab404727b928051894df.txt",
		"img": "https://archive.orkl.eu/b7ed10aacd0e181365edab404727b928051894df.jpg"
	}
}