MYNORTHWEST NEWS

Cancer patients face blackmail threats after Fred Hutch data breach

Dec 8, 2023, 6:38 AM

Image: A sign outside the Fred Hutchinson Cancer Center in Seattle can be seen in December 2023....

A sign outside the Fred Hutchinson Cancer Center in Seattle can be seen in December 2023. (Image courtesy of KIRO 7)

(Image courtesy of KIRO 7)

SEATTLE — As if battling cancer isn’t hard enough, now patients at UW’s Fred Hutchinson Cancer Center are being extorted.

Last month, the Cancer Center experienced a data breach, exposing data for an unknown number of patients.

Some of those patients are getting emails threatening to leak their personal information if they don’t pay up.

Nicholas Quinlan got one of those emails at 6:30 am Wednesday. He said he didn’t even know about the Nov. 19th data breach before then.

“To me, it felt like a real good sales tactic like here’s all your information do you want to pay to get it offline,” said Quinlan.

That email, which is attached below in its entirety said in the subject line, “[FREDHUTCH] QUINLAN NICHOLAS Your private data and medical history is being sold on dark net markets.”



It also says Quinlan is one of 800,000 patients whose “names, SSN, addresses, phone numbers, medical history, lab results, and insurance history,” is compromised.

“The email had information that looked pretty real. it had my address it had my patient record number; it had my insurer on it. I felt like it was pretty likely that data had been lost or was online publicly,” said Quinlan.

The email references the November data breach. It also says “We have been in contact with Fred Hutchinson Cancer Center. They had the chance to protect your data, but they refused to make a deal.” That email also tells recipients, it’ll only cost $50 to get that info scrubbed from the dark web.”

“I definitely went back and forth on it, you know $50 for my social security number not being out there that sounds ok,” said Quinlan. He added, “There’s no honor amongst thieves so I didn’t feel I could trust that $50 would go on to remove my information.”

Fred Hutch Cancer Center says they’re working to find out how many patients had their information leaked; but know that email has gone to others.

The Cancer Center has been telling patients:

We are sorry you’re receiving these messages. Unfortunately, this is a common tactic threat actors use, and we have notified local and federal law enforcement of these messages. If the message demands a ransom, DO NOT PAY IT. Please report these messages to the FBI’s Internet Crime Complaint Center at ic3.gov. Then block the sender and delete the message. In addition, you may consider reporting the message as spam through your email.



Quinlan says he hasn’t gotten that email. He also says he’s never set foot in the Cancer Center, but he is a patient with UW Medicine.

“If you look where the domain is from, that’s a Brazilian domain, and who knows if the hackers are there or if they hacked that website that’s sending emails,” said Quinlan.
Fred Hutch and UW Medicine merged back in 2021, so the Cancer Center is under the umbrella of UW Medicine.

Again, to report getting that extortion email, Fred Hutch encourages victims to make a report at https://www.ic3.gov/

MyNorthwest News

mortgage...

Frank Sumrall

$2M resolution with mortgage firm: Are you one of 1,500 WA residents owed money?

1,500 WA residents will get to claim their share of $2 million as a result of a resolution with Nationstar for mortgage violations.

15 minutes ago

This Chevron station was one of at least five businesses hit in a series of convenience store robbe...

Bill Kaczaraba

Seattle man arrested after reportedly ramming multiple vehicles trying to flee police

A 31-year-old man was arrested Tuesday after he reportedly rammed and damaged more than half a dozen vehicles while escaping from police.

3 hours ago

tacoma fire department...

Brooke Griffin and Madeline Ottilie, KIRO 7 News

Tacoma City Council passes budget, adds $2.5 million to maintain fire department staffing

The Tacoma City Council has voted to pass the 2025-2026 budget, ultimately voting to increase funding for the fire department.

3 hours ago

Locust Cider...

Frank Sumrall

WA-based Locust Cider closing six taprooms throughout the state

Locust Cider, a popular Washington-based cider company, is closing six of its taprooms throughout the state.

4 hours ago

Photo: Damage is seen in a neighbourhood in Issaquah, Wash., Wednesday, Nov. 20, 2024, after a 'bom...

Ted Buehner

Winds up to 100 mph in the Hanukkah Eve storm

In 2006, the Hanukkah Eve Wind Storm struck Western Washington. This weekend will mark the highly impactful storm from 18 years ago.

5 hours ago

Photo: A prototype drone test sprays paint to cover up graffiti in Tacoma in spring 2024....

Chris Sullivan

Are anti-graffiti drones the future of keeping WA’s roads clear of the vandalism?

WSDOT believes the state should allocate more money to program more drones to combat graffiti and train more pilots for said drones.

6 hours ago

Cancer patients face blackmail threats after Fred Hutch data breach