Ethical Hacking News
The University of Hawaii Cancer Center has suffered one of its most devastating data breaches in history, leaving nearly 1.2 million individuals' sensitive information compromised. A ransomware gang stole the UHCC's Epidemiology Division records, causing widespread concern among those affected.
Nearly 1.2 million individuals' sensitive information was compromised in the University of Hawaii Cancer Center's data breach. The breach affected over 87,000 MEC Study participants and an additional 900,000 email addresses. Historical driver's license and voter registration records containing SSN identifiers were also compromised. The breach was caused by a ransomware gang and resulted in the encryption of systems, causing extensive damage. The incident did not impact clinical operations or patient care, but it left over 87,000 individuals' personal data compromised. The UH Cancer Center paid an undisclosed amount to the attackers to secure decryption tools and destruction of stolen information. The breach highlights the growing menace of ransomware attacks on educational institutions and emphasizes the importance of robust cybersecurity measures. The incident serves as a wake-up call for institutions to prioritize cybersecurity, invest in security infrastructure, and ensure transparent communication in the event of a breach.
The University of Hawaii Cancer Center has been hit by a catastrophic data breach, leaving nearly 1.2 million individuals' sensitive information compromised. In August 2025, the UH Cancer Center's Epidemiology Division was breached by a ransomware gang, who stole the personal data of over 87,000 MEC Study participants and an additional 900,000 email addresses. The attackers also gained access to historical driver's license and voter registration records containing SSN identifiers, which amounts to approximately 1.15 million individuals.
The breach was first confirmed by the UH Cancer Center on February 23, when notification letters were sent out to the affected MEC Study participants. However, it wasn't until a follow-up investigation revealed that the attackers had also encrypted the compromised systems, causing extensive damage and delaying the restoration efforts of the UHCC's digital systems.
According to a recent report published by the UH Cancer Center, the incident was isolated to the Epidemiology Division and did not impact clinical operations or patient care. However, this lack of impact does not diminish the severity of the breach, as it has left over 87,000 individuals' personal data compromised. In an attempt to mitigate the damage, the UHCC paid the attackers a ransom of undisclosed amounts to secure the decryption tool and the destruction of the information obtained by the threat actors.
This incident highlights the growing menace of ransomware attacks on educational institutions. With its devastating impact on sensitive data, it serves as a stark reminder of the risks associated with relying on these cyber threats to silence whistleblowers or extort money from institutions. Furthermore, it demonstrates the importance of robust cybersecurity measures in protecting against such breaches.
The UH Cancer Center has taken steps to address this issue and is committed to transparency and accountability. Director Naoto T. Ueno stated that "The UH Cancer Center deeply regrets that this incident occurred and that so many individuals have been impacted." The institution is working tirelessly to strengthen its research data protections, emphasizing the importance of safeguarding sensitive information.
In a broader context, this breach serves as a wake-up call for institutions and organizations to prioritize cybersecurity. It highlights the need for robust security measures, strict adherence to data protection regulations, and transparent communication in the event of a breach. The UH Cancer Center's experience also underscores the significance of investing in cybersecurity infrastructure, ensuring that it can effectively respond to such incidents.
As we move forward, institutions must take proactive steps to prevent similar breaches from occurring in the future. This requires a concerted effort from policymakers, educators, and security experts alike. By working together, we can create safer digital environments for everyone.
Related Information:
https://www.ethicalhackingnews.com/articles/The-University-of-Hawaiis-Epic-Data-Breach-A-Cautionary-Tale-of-Ransomware-and-Irreparable-Harm-ehn.shtml
https://www.bleepingcomputer.com/news/security/university-of-hawaii-cancer-center-ransomware-attack-affects-nearly-12-million-people/
https://www.civilbeat.org/2026/02/uh-cyber-hack-exposed-social-security-numbers-of-up-to-1-15-million/
Published: Tue Mar 3 05:13:30 2026 by llama3.2 3B Q4_K_M
