Fred Hutchinson Cancer Center reports cyberattack during Thanksgiving week
Learn More
The Fred Hutchinson Cancer Center in Seattle experienced a cyberattack during Thanksgiving week, affecting parts of its clinical network. The clinical network was taken offline within 72 hours of detecting the issue and remains shut down, although all clinics are operational and MyChart, the online patient portal, is still accessible.
The organization reported that "unauthorized activity" was detected, but the specific data at risk, including potential patient information, remains uncertain. No details are available about the nature of the attack.
The impact on patients and employees is still being assessed by forensic teams, and there is no clarity yet on the extent of the information breach. The investigation, involving federal law enforcement and forensic experts, might take weeks, and patients will be notified within 24 hours of any discoveries.
The organization, which was part of a recent merger and rebranding as the Fred Hutchinson Cancer Center, emphasizes that the research network was not affected.
This cyberattack is not isolated, as other healthcare organizations like Ardent Health Services and Vanderbilt University Medical Center also reported cybersecurity incidents during the same period.
Fred Hutch is working continuously to resolve the issue and maintain the safety and security of its patients and employees, with a dedicated call center and website for inquiries.
Update - Then this week, the patients started receiving threatening emails emails started to arrive. The threats were sent to former and current Fred Hutch patients — as well as some who have received care from Hutch partner UW Medicine — and claimed the names, Social Security numbers, phone numbers, medical history, lab results and insurance history of more than 800,000 patients had been compromised. The threat is aimed at patients pressuring Fred Hutch to pay a ransom.
“If you are reading this, your data has been stolen and will soon be sold to various data brokers and black markets to be used in fraud and other criminal activities,”
As of 15th of December the threat actors Hunters International claimed responsibility for the attack by listing the incident on their leak site. So far they have not leaked data, but threaten to leak 533.1 GB of information consisting of 711,627 files.
