DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Troubling attacks on medical sector continue: cancer center’s data leaked, specialty infusion pharmacies locked?

Posted on December 18, 2023 by Dissent

Attacks on the medical sector continue.

Fred Hutchinson Cancer Center

This week,  the group known as Hunters International claimed responsibility for an attack on the Fred Hutchinson Cancer Center in Washington. Yesterday, they dumped data from an attack that allegedly included the exfiltration of 533.1 GB of files. Inspection of the tranche suggests that the attack mainly involved internal documents. However, the fact that patients were contacted directly with what has been reported by at least one patient as accurate information from their records suggests that the attackers did get at least some patient data. The file tree that was leaked also indicates patient files were accessible.

From the cancer center’s disclosures and the threat actors’ leak site, it does not appear that the attack involved encrypting any files or systems, but neither Fred Hutch nor the attackers would confirm that when asked by DataBreaches.

Fred Hutch has contacted patients via various means to alert them to the breach and advise them not to respond to any contacts by the threat actors. The center has already been served with more than half a dozen lawsuits from the November attack.

Listing for BioMatrix on Medusa blog shows a count-down clock, sample files (redacted by DataBreaches), and prices to delay publication, delete files, or download files.
Image: DataBreaches.net

BioMatrix LLC

BioMatrix provides specialty infusion pharmacy services to patients, prescribers, pharmaceutical manufacturers, and payers nationwide. Headquartered in Florida, they have locations and infusion centers in seven states.

On December 17, DataBreaches noted that the Medusa gang added BioMatrix to its website and posted screenshots of over two dozen internal files, including records with patients’ protected health information (PHI). The listing demands $10,000 to delay data publication for one day or $1 million to delete or download all data.

The countdown clock currently shows nine days left before more data is leaked.

Unlike some other groups, MedusaLocker does not provide any summary indicating when they attacked the victim, how much data they claim to have acquired, and what kinds of data were obtained. DataBreaches sent an inquiry to BioMatrix via its website seeking details, but no reply was received. A second inquiry was submitted by email earlier today, but no answer was immediately available.

Specialty pharmacies and infusion centers provide medications and treatments that cannot be obtained from regular pharmacies. If their systems are disrupted or locked, patient care is disrupted for patients who may not be able to get the needed treatment anywhere else in their state. If locked files contain essential details about the compounds or therapy and the patient doesn’t have a current copy of their medical records, an attack like this puts patients in danger of getting no treatment or the wrong treatment. While for some conditions, treatment delayed may not be life-threatening, for other disorders or conditions, it might be.

For those who don’t understand the potential harm of hitting specialty pharmacies or infusion centers or who have tweeted about this attack and mentioned potential financial or reputational harm but not the risk to medical safety and life, please take a minute to visit BioMatrix’s website. Please read up on the therapies and services they offer. DataBreaches does not know whether Medusa did lock BioMatrix and has contacted them via three of their qTox accounts to inquire, but none of those accounts are online at publication.

This post will be updated if more information becomes available.


Related:

  • Missouri Adopts New Data Breach Notice Law
  • Qantas obtains injunction to prevent hacked data’s release
  • Ransomware attack disrupts Korea's largest guarantee insurer
  • Theft from Glasgow’s Queen Elizabeth University Hospital sparks probe
  • Global operation targets NoName057(16) pro-Russian cybercrime network in Operation Eastwood
  • More than 100 British government personnel exposed by Ministry of Defence data leak
Category: Breach IncidentsHack

Post navigation

← Cyber Chaos in Ukraine: NoName Ransomware Strikes Prominent Targets
If at first you don’t succeed, screw it up again? →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Data breach feared after cyberattack on AMEOS hospitals in Germany
  • Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
  • Global hack on Microsoft product hits U.S., state agencies, researchers say
  • Inquiry launched after identities of SAS soldiers leaked in fresh data breach
  • UK sanctions Russian cyber spies accused of facilitating murders
  • Michigan ‘ATM jackpotting’: Florida men allegedly forced machines to dispense $107K
  • Premier Health Partners issues a press release about a breach two years ago. Why was this needed now?
  • Bitcoin holds steady as hackers drain over $40 million from CoinCDX, India’s top exchange
  • Government will ‘robustly defend’ compensation claims from Afghans put at risk by data breach
  • Authorities released free decryptor for Phobos and 8base ransomware

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • British government reportedlu set to back down on secret iCloud backdoor after US pressure
  • Idaho agrees not to prosecute doctors for out-of-state abortion referrals
  • As companies race to add AI, terms of service changes are going to freak a lot of people out. Think twice before granting consent!
  • Uganda orders Google to register as a data-controller within 30 days after landmark privacy ruling
  • Meta investors, Zuckerberg reach settlement to end $8 billion trial over Facebook privacy violations
  • ICE is gaining access to trove of Medicaid records, adding new peril for immigrants
  • Microsoft can’t protect French data from US government access

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.