On December 8, DataBreaches reported that Fred Hutchinson Cancer Center had been the victim of a ransomware attack and that the then-unnamed threat actors were trying to extort patients directly.
Today we learned that the threat actors are Hunters International, who listed the incident on their leak site. As of publication, they have not leaked data, but threaten to leak 533.1 GB of information consisting of 711,627 files. They thumbnail 16 screenshots that will also allegedly be available soon but are not easily readable at thist ime.
In other listings on their site, Hunters usually indicates when they have locked a victim. In this case, there is no symbol indicating that Fred Hutch was locked, suggesting that this is an extortion incident based on exfiltrated data and not for a decryptor.
DataBreaches contacted Hunters International with some questions about the incident, including asking them whether they had locked Fred Hutch, how they set the per patient price at $50 to remove a patient’s data, and how many patients have taken them up on that offer so far.
They declined to comment at this time.