How a Data Breach of 1M Cancer Center Patients Led to Extorting Emails

The Seattle Times reports:Concerns have grown in recent weeks about data privacy and the ongoing impacts of a recent Fred Hutchinson Cancer Center cyberattack that leaked personal information of about 1 million patients last November. Since the breach, which hit the South Lake Union cancer research center's clinical network and has led to a host of email threats from hackers and lawsuits against Fred Hutch, menacing messages from perpetrators have escalated. Some patients have started to receive "swatting" threats, in addition to spam emails warning people that unless they pay a fee, their names, Social Security and phone numbers, medical history, lab results and insurance history will be sold to data brokers and on black markets. Steve Bernd, a spokesperson for FBI Seattle, said last week there's been no indication of any criminal swatting events... Other patients have been inundated with spam emails since the breach... According to The New York Times, large data breaches like this are becoming more common. In the first 10 months of 2023, more than 88 million individuals had their medical data exposed, according to the Department of Health and Human Services. Meanwhile, the number of reported ransomware incidents, when a specific malware blocks a victim's personal data until a ransom is paid, has decreased in recent years - from 516 in 2021 to 423 in 2023, according to Bernd of FBI Seattle. In Washington, the number dropped from 84 to 54 in the past three years, according to FBI data. Fred Hutchinson Cancer Center believes their breach was perpetrated outside the U.S. by exploiting the "Citrix Bleed" vulnerability (which federal cybersecurity officials warn can allow the bypassing of passwords and mutifactor authentication measures). The article adds that in late November, the Department of Health and Human Services' Health Sector Cybersecurity Coordination Center "urged hospitals and other organizations that used Citrix to take immediate action to patch network systems in order to protect against potentially significant ransomware threats."

Read more of this story at Slashdot.