Half a Million Patients' Data Stolen From New Jersey Lab Company
A criminal group called WorldLeaks broke into Centers Laboratory's systems last August and walked off with records covering 542,377 people, including Social Security numbers and medical details.

Key points
- Centers Laboratory (Centers Lab NJ LLC), a New Jersey diagnostics firm, discovered a break-in on its computer systems in August 2025.
- Criminals accessed the systems between 9 and 14 August 2025, stealing files belonging to 542,377 people.
- Stolen data includes names, dates of birth, Social Security numbers (the nine-digit government ID used in the US for taxes and identity checks), passport numbers, driver's licence numbers, and health insurance and medical records.
- The criminal group WorldLeaks later published more than 1.6 million files totalling 720 GB that it claims came from Centers Lab.
- WorldLeaks grew out of a ransomware gang called Hunters International and has now hit more than 170 organisations worldwide.
A New Jersey company that runs medical tests and laboratory services for healthcare providers has told the US government that criminals stole personal and health records belonging to more than half a million people.
Centers Laboratory, formally known as Centers Lab NJ LLC, filed a data breach notice with the Department of Health and Human Services. The department's public breach tracker, updated last week, puts the figure at 542,377 affected individuals.
The company says it found the intrusion in August 2025. Investigators then worked out that the attackers had been inside the network for six days, from 9 to 14 August. During that window they copied files containing a wide sweep of sensitive information: full names, dates of birth, Social Security numbers, passport numbers, driver's licence or state ID numbers, and both health insurance details and medical records.
Should patients be worried?
Yes, in a practical sense. Social Security numbers combined with medical and identity records are exactly what criminals use to open fake credit lines, file fraudulent tax returns, or sell on underground markets. Anyone who received a breach notification letter from Centers Lab should place a free credit freeze with the three major US credit bureaus, Equifax, Experian, and TransUnion. A credit freeze stops new accounts being opened in your name without your direct approval. It costs nothing and takes a few minutes online.
Also watch for unexpected medical bills or insurance claims you do not recognise. These can signal that someone has used stolen health details to claim benefits in your name.
The break-in has been linked to a criminal group called WorldLeaks. The group listed Centers Lab on its website in October 2025 and claims to have leaked more than 1.6 million files, totalling 720 gigabytes of data.
WorldLeaks surfaced in 2025 after a ransomware gang called Hunters International, which used malicious software to lock victims' files and demand payment, shut down its operations. The people behind it regrouped under the WorldLeaks name but dropped the file-locking approach. They now focus purely on stealing data and threatening to publish it unless victims pay. More than 170 organisations appear on their public shaming site, including major brands such as Nike and Dell.
Centers Lab has not publicly stated whether it paid any ransom demand. The company's breach notice, first reported by SecurityWeek, focuses on what was taken rather than how negotiations played out.
For patients, the practical to-do list is short: freeze your credit, check your medical bills, and treat any email or phone call claiming to be from your health insurer or a debt collector with fresh suspicion.



