Hunters International claims responsibility for a cyber assault on Fred Hutch, plunging patients into the crosshairs of personalized extortion threats.
The cybercriminal group known as Hunters International has asserted responsibility for a cyber assault on the Fred Hutchinson Cancer Center (Fred Hutch), resulting in patients being targeted with personalized extortion threats.
Fred Hutch, a Seattle-based center for cancer research, patient care, and treatment, oversees a network of more than ten clinical sites in the region.
At the beginning of this month, the hospital disclosed a cybersecurity incident that occurred on November 19, 2023, involving unauthorized access to its networks. In response, the health organization isolated the affected servers, temporarily shut down its clinical network to contain the threat, and promptly alerted federal law enforcement authorities.
According to information on Fred Hutch’s website, an investigation, aided by a prominent forensic expert, has not yielded any evidence suggesting the theft of patient data. However, investigations into this aspect are still ongoing.
Today, the ransomware group Hunters International has included Fred Hutchinson in their extortion portal on the dark web. The healthcare organization is now under threat of having 533.1GB of data, purportedly taken from its networks, leaked by the cybercriminals.
As of now, the threat actors have only released thumbnails of certain documents they claim to have extracted from Fred Hutch’s networks, indicating that the blackmail is still in progress.
Patient Extortion
In the recent Fred Hutch cyber incident, attackers individually emailed patients, as reported by the Seattle Times, threatening to expose sensitive data. Moreover, the emails claimed possession of extensive patient information for over 800,000 individuals, including names, Social Security numbers, phone numbers, medical history, lab results, and insurance details.
Furthermore, recipients were warned that their stolen data would be sold for fraudulent activities. In addition, the emails included personal details as proof and urged a $50 payment to prevent data sale. Despite these threats, Fred Hutch advised patients not to pay, emphasizing the importance of blocking the sender and deleting the email while promptly informing law enforcement.
Connecting the dots, Hunters International, a new Ransomware-as-a-Service group, is linked to the Fred Hutch attack. Notably, this group recently targeted Austal USA, a major U.S. government shipbuilding contractor, with ransom demands ranging from hundreds of thousands to millions of dollars.
Related stories:
