Another major healthcare data breach demonstrates how cyber extortion continues to change. Centers Laboratory, a New Jersey-based diagnostics provider, disclosed that a cyberattack discovered in August 2025 ultimately affected more than 540,000 individuals after threat actors gained unauthorized access to its IT environment.
WorldLeaks has been linked to the breach and allegedly stole more than 1.6 million files totaling roughly 720 GB before publishing the organization on its leak site.
Data theft continues to drive many extortion campaigns. Even when organizations recover quickly, stolen information can create lasting privacy concerns and regulatory obligations.
Why It Matters: Recovering systems after an attack is only one part of the challenge. Data exfiltration can leave organizations dealing with regulatory scrutiny and privacy risks long after an intrusion ends. Limiting access to sensitive information and detecting unauthorized activity early can significantly reduce the impact of attacks that focus on stealing data instead of disrupting operations.
- 540,000 Individuals Impacted: Centers Laboratory reported that 542,377 people were impacted after attackers gained limited access to company systems between August 9 and August 14, 2025. The incident demonstrates how a short period of unauthorized access can lead to the theft of a significant amount of sensitive information.
- Patient Data Exposed: According to the company’s investigation, attackers exfiltrated personal information, government-issued identification, and protected health information. The combination of these data types creates long-term privacy concerns while increasing the risk of identity theft and fraud.
- WorldLeaks Behind the Attack: The group allegedly stole more than 1.6 million files totaling roughly 720 GB before listing Centers Laboratory on its leak site in October 2025. Following the shutdown of Hunters International, WorldLeaks adopted a data extortion model that has already targeted more than 170 organizations.
- Data Theft Drives Extortion: WorldLeaks no longer relies on file-encrypting malware to pressure victims. Its operations focus on stealing sensitive information and using it as leverage, placing greater emphasis on detecting unauthorized access before large-scale data theft occurs.
- Healthcare Remains a Target: Diagnostic laboratories and healthcare providers store large volumes of patient information while supporting essential services. Protecting that data now depends as much on limiting unauthorized access as recovering systems after an attack.
Go Deeper -> Centers Laboratory Data Breach Affects 540,000 Individuals – Security Week
Trusted insights for technology leaders
Our readers are CIOs, CTOs, and senior IT executives who rely on The National CIO Review for smart, curated takes on the trends shaping the enterprise, from GenAI to cybersecurity and beyond.
Subscribe to our 4x a week newsletter to keep up with the insights that matter.


