UH Cancer Center data breach affects nearly 1.2 million people
Bleeping Computer
by Sergiu GatlanMarch 3, 2026
AI-Generated Deep Dive Summary
The University of Hawaii (UH) Cancer Center has confirmed a significant data breach involving nearly 1.2 million individuals, caused by a ransomware attack on its Epidemiology Division in August 2025. The breach exposed sensitive personal information, including Social Security Numbers and driver's license details, from historical research studies and public records. Affected individuals were notified through letters and emails, with the university also revealing that it paid the attackers to secure decryption tools and prevent further data misuse.
The compromised files included health information from the Multiethnic Cohort Study and other epidemiological research projects. Notably, clinical operations, patient care, and student records remained unaffected. The attack encrypted critical systems, delaying recovery efforts and highlighting the severe impact of ransomware on academic and healthcare institutions. UH emphasized its commitment to transparency and enhancing data protection measures.
This incident underscores the growing threat of ransomware in the healthcare sector, where sensitive data is at risk. Previous attacks, such as one affecting Hawaii Community College in 2023, demonstrate a concerning trend. The financial and reputational damage from such breaches can be substantial, urging organizations to prioritize robust cybersecurity protocols and preparedness for potential threats.
Verticals
securitytech
Originally published on Bleeping Computer on 3/3/2026