Ransomware Cripples Cancer Center

The initial intrusion was first detected on August 31, 2025, but the full scope of the breach wasn't disclosed until late February 2026. The delay was attributed to the extensive encryption by the attackers, which complicated the process of restoring systems and assessing which data had been compromised. This attack specifically targeted the Cancer Center's Epidemiology Division, leaving clinical operations and patient care systems untouched. The hackers encrypted and exfiltrated files from research servers, with no impact on the center's electronic medical records or active patient treatment. The vast majority of the compromised data was not from active patients but from decades-old research files. This included records from a Multiethnic Cohort Study started in 1993 and historical voter registration and driver's license lists from as far back as 1998, a time when Social Security numbers were commonly used as identifiers. Of the nearly 1.2 million individuals impacted, 87,493 were participants in specific diet and cancer studies whose files contained names, Social Security numbers, and some health-related information. An additional 1.15 million people were affected through the inclusion of their information in the historical state records the university used for research. In a move to protect the compromised individuals, the University of Hawaiʻi acknowledged it made the "difficult decision" to engage with the threat actors. They worked with cybersecurity experts to obtain a decryption tool and received assurances that the stolen data had been destroyed. This incident is not the first for the University of Hawaiʻi system. In 2023, Hawaiʻi Community College also suffered a ransomware attack and ultimately paid a ransom to the NoEscape ransomware gang after the data of approximately 28,000 people was impacted.