Ransomware gang behind threats to Fred Hutch cancer patients


The Hunters International ransomware gang claimed to be behind a cyberattack on the Fred Hutchinson Cancer Center (Fred Hutch) that resulted in patients receiving personalized extortion threats.

Fred Hutch is a Seattle-based cancer research and patient care and treatment center operating a network of more than 10 clinical sites in the region.

At the start of the month, the hospital disclosed a cybersecurity incident that occurred on November 19, 2023, involving unauthorized access to its networks.

The health organization quarantined the impacted servers, took its clinical network offline to prevent the spread of the threat, and notified federal law enforcement authorities of the attack.

The investigation conducted with the help of a leading forensic expert has not produced evidence that the attackers stole patient data, according to the notice on Fred Hutch's website. However, investigations on that front haven't been completed yet.

Today, the ransomware group Hunters International has added Fred Hutchinson to their extortion portal on the dark web, threatening the healthcare organization with leaking 533.1GB of data allegedly stolen from its networks.

The threat actors have only published thumbnails of select documents they claim to have exfiltrated from Fred Hutch's networks, so the blackmail is still underway.

Fred Hutch listed on Hunter's extortion portal (BleepingComputer)

Patients threatened

Last week, it was reported that the threat actors responsible for the attack on Fred Hutch were emailing patients individually, threatening them with public disclosure of their sensitive data.

As reported by the Seattle Times, the attackers emailed many patients stating they have the names, Social Security numbers, phone numbers, medical history, lab results, and insurance history of over 800,000 patients.

"If you are reading this, your information has been stolen and will soon be sold to various information brokers and black markets to be utilized in fraud and other criminal activities," reads the emails seen by the Seattle Times.

These emails reportedly contained recipients' personal information as proof, including a patient's address, phone number, and medical record number, and a link to a site where they could pay $50 to prevent the information from being sold.

Fred Hutch issued a warning about the email messages and notified law enforcement. Also, they told patients who received the emails not to pay the threat actors and instead block the sender and delete the email.

Calling or emailing customers, contractors, and partners of a breached organization to pressure the victim is not new to ransomware. However, it is not common for threat actors to offer exposed individuals a way to prevent their information from being released.

Hunters International is a fairly new Ransomware-as-a-Service (RaaS) operation that is believed to be a rebrand of the Hive ransomware operation due to similarities in the encryptor's code.

However, Hunters International has denied any relationship to Hive, saying that they purchased the software and website from the defunct ransomware operation.

The threat actors target companies of all sizes, with ransom demands seen by BleepingComputer ranging from hundreds of thousands to millions of dollars.

Last week, the threat group claimed an attack against Austal USA, a prominent shipbuilding contractor for the U.S. government.