University of Hawaiʻi Cancer Center Suffers Ransomware Attack, Exposing Data of 1.2 Million Individuals
The University of Hawaiʻi Cancer Center disclosed a ransomware attack on its epidemiology division, resulting in the exposure of sensitive data belonging to up to 1.2 million people. The breach, discovered on August 31, 2025, involved hackers accessing records containing Social Security numbers (SSNs), driver’s license numbers, and voter registration data from the Hawaiʻi State Department of Transportation and the City and County of Honolulu, dating back to 1998.
The compromised files included health-related information tied to the Multiethnic Cohort (MEC) Study, a long-term research initiative launched in 1993 that used driver’s license and voter records for participant recruitment. In addition to MEC Study data, files from three other epidemiological studies on diet and cancer were also accessed. While 87,493 study participants had their information stolen, the university estimated that 1.15 million additional individuals whose personal data was included in historical records may have been affected.
Due to the severity of the encryption, the university took time to restore systems and assess the breach’s scope. During the investigation, officials engaged with the threat actors to mitigate further exposure, though the responsible group remains unidentified. A cybersecurity firm later obtained a decryption tool and secured confirmation that the stolen data was destroyed.
The university stated there is no evidence the information has been published, shared, or misused. The attack targeted epidemiology research servers and did not impact the Cancer Center’s clinical trials, patient care, or other divisions.
University of Hawaiʻi Cancer Center Director Naoto Ueno issued an apology, emphasizing the institution’s commitment to transparency. University President Wendy Hensel announced a systemwide IT security review across all 10 campuses to strengthen protections. The incident follows a 2023 ransomware attack on Hawaiʻi Community College, which affected 28,000 individuals and involved a ransom payment to the NoEscape ransomware gang. The University of Hawaiʻi system serves approximately 50,000 students across three universities, seven community colleges, and multiple research facilities. Investigations into the latest breach remain ongoing.
Source: https://therecord.media/university-of-hawaii-ransomware-data-breach
State of Hawaiʻi cybersecurity rating report: https://www.rankiteo.com/company/state-of-hawaii
"id": "STA1772483329",
"linkid": "state-of-hawaii",
"type": "Breach",
"date": "8/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '1.2 million individuals (87,493 '
'study participants + 1.15 '
'million historical records)',
'industry': 'Healthcare/Research',
'location': 'Hawaiʻi, USA',
'name': 'University of Hawaiʻi Cancer Center',
'size': 'Part of a system serving ~50,000 students',
'type': 'Research Institution'}],
'customer_advisories': 'Public disclosure of breach and affected data',
'data_breach': {'data_encryption': 'Yes, files were encrypted by ransomware',
'data_exfiltration': 'Yes, data was stolen',
'number_of_records_exposed': '1.2 million',
'personally_identifiable_information': 'Yes (SSNs, driver’s '
'license numbers, '
'voter registration '
'data)',
'sensitivity_of_data': 'High (PII and health data)',
'type_of_data_compromised': ['Social Security numbers',
'Driver’s license numbers',
'Voter registration data',
'Health-related research '
'information']},
'date_detected': '2025-08-31',
'description': 'The University of Hawaiʻi Cancer Center disclosed a '
'ransomware attack on its epidemiology division, resulting in '
'the exposure of sensitive data belonging to up to 1.2 million '
'people. The breach involved hackers accessing records '
'containing Social Security numbers (SSNs), driver’s license '
'numbers, and voter registration data from the Hawaiʻi State '
'Department of Transportation and the City and County of '
'Honolulu, dating back to 1998. The compromised files included '
'health-related information tied to the Multiethnic Cohort '
'(MEC) Study and three other epidemiological studies on diet '
'and cancer.',
'impact': {'brand_reputation_impact': 'Yes, due to data exposure and prior '
'incident in 2023',
'data_compromised': 'Sensitive personal data including SSNs, '
'driver’s license numbers, voter registration '
'data, and health-related research information',
'identity_theft_risk': 'High, due to exposure of SSNs and driver’s '
'license numbers',
'operational_impact': 'Delayed system restoration and breach '
'assessment; no impact on clinical trials or '
'patient care',
'systems_affected': 'Epidemiology research servers'},
'investigation_status': 'Ongoing',
'lessons_learned': 'Need for systemwide IT security review and stronger '
'protections across all campuses',
'post_incident_analysis': {'corrective_actions': 'Systemwide IT security '
'review; confirmation of '
'data destruction'},
'ransomware': {'data_encryption': 'Yes',
'data_exfiltration': 'Yes',
'ransom_paid': 'No (data was destroyed, no evidence of '
'payment)'},
'recommendations': 'Enhanced cybersecurity measures, including potential '
'network segmentation, adaptive monitoring, and incident '
'response planning',
'references': [{'source': 'University of Hawaiʻi Cancer Center Disclosure'}],
'response': {'communication_strategy': 'Public disclosure and apology from '
'leadership',
'containment_measures': 'Engagement with threat actors to '
'mitigate exposure; decryption tool '
'obtained',
'recovery_measures': 'Systems restored; ongoing investigations',
'remediation_measures': 'Confirmation that stolen data was '
'destroyed; systemwide IT security '
'review announced',
'third_party_assistance': 'Yes, cybersecurity firm engaged for '
'decryption and breach assessment'},
'stakeholder_advisories': 'University leadership issued apologies and '
'announced security reviews',
'title': 'University of Hawaiʻi Cancer Center Ransomware Attack',
'type': 'Ransomware'}