Data breach reported for Community Health Action of Staten Island

Key Facts: CHASI Data Breach

• Date reported: February 25, 2026.
• Unauthorized access identified: February 13, 2026 (discovery of data exfiltration).
• Target entity: Community Health Action of Staten Island (chasiny.org).
• Source of breach: GENESIS (ransomware group).
• Data types: Names, Social Security numbers, driver's license numbers, non-driver identification card numbers, bank account and routing numbers, medical information (including HIV test records), and health insurance information.
• Status: Confirmed; the organization notified the Massachusetts Office of Consumer Affairs and Business Regulation on February 24, 2026, and has partnered with Experian to offer identity protection services.
• Severity: Medium; while the incident involves a significant exfiltration of sensitive medical and personal data (reportedly 200,000 records), the organization has initiated a formal response and recovery process.

Start continuous breach monitoring with UpGuard.

What happened in the CHASI data breach?

Community Health Action of Staten Island (CHASI), operating under the domain chasiny.org, reported a data breach on February 25, 2026. The GENESIS ransomware group claimed responsibility for the security incident, stating they had accessed and exfiltrated sensitive data from the organization's systems on February 13, 2026.

The organization disclosed that a security event may have compromised sensitive personal details, including Social Security numbers, financial information, and medical records. The breach is classified as medium severity, which typically indicates a moderate risk that requires affected individuals to take protective action. As no specific tags were provided for this incident, it remains a general data security concern. Such breaches carry the inherent risk of identity theft and financial fraud for those involved.

Who is behind the incident?

The GENESIS ransomware group has claimed responsibility for the attack. The group posted on a dark web forum in mid-February 2026, claiming to have obtained over 200,000 records, including HIV-tested patient databases, sensitive information regarding marginalized communities, and internal financial data.

Impact and risks for CHASI customers

For those affected, the exposure of names, Social Security numbers, driver’s license numbers, and bank account details presents a plausible risk of identity theft and financial fraud. The inclusion of medical and health insurance information could also lead to specialized phishing campaigns or medical identity theft. Individuals should remain vigilant for any unauthorized activity or suspicious communications.

These types of incidents often result in long-term monitoring requirements for victims to ensure their data is not misused. Impacted individuals should consider freezing their credit, enabling multi-factor authentication on all financial accounts, and reviewing medical statements for discrepancies. Transparency from the organization helps individuals take these necessary steps to protect their personal information.

How to protect against similar security incidents

Get instant alerts when your data appears on the dark web.

Frequently asked questions

What happened in the CHASI security breach?

On February 25, 2026, CHASI (chasiny.org) disclosed a security breach. According to initial reports, Community Health Action of Staten Island reported a data security incident that may have involved personal information of individuals, including names, Social Security numbers, driver’s license numbers, bank account and routing numbers, medical information, and health insurance information.

When did the CHASI breach occur?

The CHASI breach was publicly reported on February 25, 2026, after the GENESIS ransomware group initially claimed to have breached the systems on February 13, 2026. Official disclosures to state regulators were filed on February 24, 2026.

What data was exposed?

Exposed data included names, Social Security numbers, driver's license and non-driver ID numbers, bank account and routing numbers, as well as sensitive medical records and health insurance details.

Is my personal information at risk?

If you interacted with CHASI, there's a possibility your personal information could be affected. Similar incidents often involve sensitive identifiers like Social Security numbers or medical history. Affected individuals are being offered a complimentary membership to Experian IdentityWorks for credit monitoring and identity restoration.

How can I protect myself after this data breach?

• Change passwords for all sensitive accounts
• Enable multi-factor authentication (MFA)
• Monitor financial and bank accounts for unauthorized transactions
• Watch for suspicious phishing emails or messages
• Use breach monitoring tools to track your data

What steps should companies take after being impacted by this breach?

CHASI is taking the incident seriously and has provided a contact number for affected individuals to inquire further. Companies in this situation typically secure their systems, notify affected parties, provide guidance on protective actions, and review security measures to prevent future occurrences.