Ransomware victim disclosure
← All victimsNavesink Rehab
Claimed by Blacklock · listed 1 year ago
Status timeline
- ListedJun 3, 2025
- Data leakeddate unknown
At a glance
- Group
- Blacklock
- Status
- Data leaked
- Country
- United States
- Sector
- Healthcare
- Listed on leak site
- Jun 3, 2025
- Records
- 25 Employees
- Ransom demanded
- $5M
About the victim
AI dossier — public-source company profileNavesink Rehab is a multidisciplinary rehabilitation center in Red Bank, New Jersey, offering physical therapy, chiropractic care, acupuncture, and auto accident injury treatment. The clinic operates as a small practice with fewer than 25 employees and annual revenue under $5 million.
- Industry
- Healthcare & Rehabilitation Services
- Address
- Red Bank, New Jersey, United States
- Employees
- <25
Attack summary
Severity: high — Confirmed exfiltration and publication of healthcare data involving patient PHI and medical records. Healthcare data is regulated under HIPAA and represents sensitive personally identifiable information at scale for a patient population.BlackLock claims to have encrypted and exfiltrated data from Navesink Rehab. The group is demanding a $5 million ransom and has published data as proof of compromise.
Data the group says was taken
AI dossier — extracted from the leak post- Patient medical records
- Personal health information (PHI)
- Patient contact information
- Treatment records
- Billing and insurance information
What the group claims
Hospitals & Physicians Clinics New Jersey, United States <25 Employees Navesink Rehab is a multidisciplinary rehabilitation center located in Red Bank, New Jersey, offering a range of services including physical therapy, chiropractic care, acupuncture, and treatment for auto accident injuries. Revenue <$5 Million
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

