The Fred Hutch Cancer Center was hacked by the Hunters International Ransomware-as-a-Service (RaaS) operation in December 2024. The attackers threatened to leak the stolen data of over 800,000 cancer patients if they were not paid. The breach involved the exposure of sensitive patient information, which could have significant repercussions for the patients' privacy and well-being.
TPRM report: https://scoringcyber.rankiteo.com/company/Fred Hutch Cancer Center
"id": "Fre351070325",
"linkid": "Fred Hutch Cancer Center",
"type": "Ransomware",
"date": "7/2025",
"severity": "100",
"impact": "7",
"explanation": "Attack that could injure or kill people"{'affected_entities': [{'industry': 'Law Enforcement',
'location': 'USA',
'name': 'U.S. Marshals Service',
'type': 'Government'},
{'industry': 'Optics',
'location': 'Japan',
'name': 'Hoya',
'type': 'Corporation'},
{'industry': 'Technology',
'name': 'Tata Technologies',
'type': 'Corporation'},
{'industry': 'Automobile Dealership',
'location': 'North America',
'name': 'AutoCanada',
'type': 'Corporation'},
{'industry': 'Navy Contractor',
'location': 'USA',
'name': 'Austal USA',
'type': 'Corporation'},
{'industry': 'Healthcare',
'location': 'Oklahoma, USA',
'name': 'Integris Health',
'type': 'Healthcare'},
{'customers_affected': 'Over 800,000 cancer patients',
'industry': 'Healthcare',
'name': 'Fred Hutch Cancer Center',
'type': 'Healthcare'}],
'attack_vector': 'Ransomware-as-a-Service (RaaS)',
'data_breach': {'data_encryption': True,
'data_exfiltration': True,
'number_of_records_exposed': 'Over 800,000',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Patient data']},
'description': 'Hunters International Ransomware-as-a-Service (RaaS) '
'operation announced today that it has officially closed down '
'its operations and will offer free decryptors to help victims '
'recover their data without paying a ransom.',
'impact': {'data_compromised': ['Worldwide companies',
'Patient data from Fred Hutch Cancer Center'],
'systems_affected': ['Windows',
'Linux',
'FreeBSD',
'SunOS',
'ESXi (VMware servers)']},
'initial_access_broker': {'high_value_targets': ['U.S. Marshals Service',
'Hoya',
'Tata Technologies',
'AutoCanada',
'Austal USA',
'Integris Health',
'Fred Hutch Cancer Center']},
'motivation': 'Increased law enforcement scrutiny and declining profitability',
'ransomware': {'data_encryption': True,
'data_exfiltration': True,
'ransom_demanded': ['Hundreds of thousands to millions of '
'dollars'],
'ransomware_strain': 'Hunters International'},
'references': [{'source': 'BleepingComputer'}, {'source': 'Group-IB'}],
'response': {'law_enforcement_notified': True},
'threat_actor': 'Hunters International',
'title': 'Hunters International Ransomware-as-a-Service (RaaS) Operation '
'Shutdown',
'type': 'Ransomware'}