Security News Ransomware gang behind threats to Fred Hutch cancer patients


Level 78
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
The Hunters International ransomware gang claimed to be behind a cyberattack on the Fred Hutchinson Cancer Center (Fred Hutch) that resulted in patients receiving personalized extortion threats.

Fred Hutch is a Seattle-based cancer research and patient care and treatment center operating a network of more than ten clinical sites in the region.

At the start of the month, the hospital disclosed a cybersecurity incident that occurred on November 19, 2023, involving unauthorized access to its networks.

The health organization quarantined the impacted servers, took its clinical network offline to prevent the spread of the threat, and notified the federal law enforcement authorities of the attack.

The investigation conducted with the help of a leading forensic expert has not produced evidence that the attackers stole patient data, according to the notice on Fred Hutch's website. However, investigations on that front haven't been completed yet.

Today, the ransomware group Hunters International has added Fred Hutchinson to their extortion portal on the dark web, threatening the healthcare organization with leaking 533.1GB of data allegedly stolen from its networks.

The threat actors have only published thumbnails of select documents they claim to have exfiltrated from Fred Hutch's networks, so the blackmail is still underway.
Last week, it was reported that the threat actors responsible for the attack on Fred Hutch were emailing patients individually, threatening them with public disclosure of their sensitive data.

As reported by the Seattle Times, the attackers emailed many patients stating they have the names, Social Security numbers, phone numbers, medical history, lab results, and insurance history of over 800,000 patients.

"If you are reading this, your data has been stolen and will soon be sold to various data brokers and black markets to be used in fraud and other criminal activities," reads the emails seen by the Seattle Times.

These emails reportedly contained recipients' personal information as proof, including a patient's address, phone number, and medical record number, and a link to a site where they could pay $50 to prevent the data from being sold.


Level 5
Mar 17, 2023
Damn that's is the lowest of the low, going after cancer research and cancer patients. I normally don't wish ill onto people but I would not be sad to read obituaries for those individuals responsible in these attacks.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.