A recent nationwide data breach exposing millions of K-12 students’ information, including kids in Cranford and Millburn.
Ransomware attacks hitting Garden State police departments, cities and universities. And in Spotswood, a cyber thief stealing $4.8 million last year from the school district and borough — more than $3 million of which still hasn’t been recovered as of mid-February.
Cyberattacks seem to be lurking everywhere in New Jersey these days. Yet amid an alarming increase in breaches, hundreds of public organizations in the state might be unprotected despite a free membership to a national cybersecurity service that New Jersey began paying for last year.
In November 2025, New Jersey signed on as a statewide member of the Multi-State Information Sharing and Analysis Center. It pays $795,000 for its annual membership, according to Kelly Wyland, a spokeswoman for the Center for Internet Security, the nonprofit that operates MS-ISAC.
MS-ISAC covers 1,354 eligible organizations in the state. But only 177 have signed up, according to Wyland. Many New Jersey school districts, municipalities and public utilities are likely unaware it’s available to them, she says. And right now, the additional protection couldn’t be more valuable. “The threat environment is changing, really, on a daily basis,” said Randy Rose, the vice president of security operations and intelligence at the Center for Internet Security. “We’re in a heightened threat environment right now, given global tensions, certainly with Iran, but also tensions between Russia and Ukraine have persisted,” he added.
Nearly 60% of IT and security professionals have been told to keep breaches confidential, a 38% increase since 2023, according to Bitdefender, a global cybersecurity firm. Fears of reputational damage, financial loss and regulatory scrutiny fuel a culture of silence. New Jersey is not immune to that culture. And in the silence, cyberthreats proliferate, experts say.
