Critical

University of Hawaii Cancer Center hit by ransomware attack

BleepingComputer
Actively Exploited

Overview

In August 2025, the University of Hawaii's Cancer Center experienced a ransomware attack that compromised sensitive data belonging to study participants. The breach included historical documents dating back to the 1990s, which contained Social Security numbers. This incident raises significant concerns about the protection of personal information in medical research, particularly as the stolen data can be used for identity theft and fraud. The university is now facing the challenge of addressing the fallout from this breach, including notifying affected individuals and enhancing their cybersecurity measures to prevent future incidents. As healthcare institutions increasingly rely on digital systems, the need for robust data protection strategies has never been more critical.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: University of Hawaii Cancer Center data, study participant information, Social Security numbers
  • Timeline: Ongoing since August 2025

Original Article Summary

​University of Hawaii says a ransomware gang breached its Cancer Center in August 2025, stealing data of study participants, including documents from the 1990s containing Social Security numbers. [...]

Impact

University of Hawaii Cancer Center data, study participant information, Social Security numbers

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Ongoing since August 2025

Remediation

Not specified

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Ransomware, Data Breach, Critical.

Related Coverage

23andMe to pay $18 million in new genetics data breach settlement

BleepingComputer

23andMe, the genetic testing company, has agreed to pay $18 million to settle a lawsuit filed by a coalition of 43 attorneys general. The lawsuit claimed that 23andMe failed to adequately protect its customers' genetic data, putting sensitive information at risk. This settlement comes as part of a broader push for companies to prioritize data security, especially when handling personal genetic information. Customers who used 23andMe's services are particularly affected, as their genetic data could have been exposed. The situation raises significant concerns about privacy and the responsibilities of companies in safeguarding sensitive health information.

Jul 16, 2026

New TELEPUZ Malware Spreads via ClickFix to Steal Data and Run Commands

The Hacker News

Cybersecurity experts have identified a new malware named TELEPUZ that has been spreading since late April 2026 through compromised websites using ClickFix lures. This modular malware is designed to steal data and execute commands on infected systems. Researchers from Elastic Security Labs note that while the number of command-and-control domains associated with TELEPUZ is currently limited, its capabilities raise significant concerns for users and organizations. The lightweight nature of the malware makes it particularly dangerous, as it can easily evade detection. Users visiting infected sites are at risk, making it crucial for individuals and companies to remain vigilant about their online activities and security practices.

Jul 16, 2026

New ClickLock macOS Stealer Kills Apps Every 210ms Until Victims Type Their Password

The Hacker News

A new piece of malware known as ClickLock Stealer is targeting macOS users by forcing them to input their login passwords. This infostealer operates by running a command in the Terminal that creates a fake system dialog asking for the password. If the victim cancels this request, the malware repeatedly kills various applications—including Finder and Terminal—every 210 milliseconds until the password is provided. Once the victim logs in again, the malware installs two LaunchAgents, allowing it to operate silently in the background. This type of attack is particularly concerning as it manipulates user behavior to extract sensitive information, highlighting the need for users to be cautious about unexpected prompts and commands.

Jul 16, 2026

20+ Hijacked Government Websites Became
an Attack Channel

The Hacker News

Over 20 Brazilian government websites have been hijacked as part of a campaign by a group known as PhantomEnigma. These sites were repurposed to deliver malware, which poses a significant risk to users who visit them. Researchers from ANY.RUN discovered previously unknown backdoor tactics and complex relationships within the cybercriminal infrastructure involved. This incident not only affects the integrity of government websites but also puts the data and security of users at risk, highlighting the ongoing challenges in protecting public digital resources. It serves as a reminder for both users and government agencies to remain vigilant against such attacks.

Jul 16, 2026

Daxin Resurfaces in Taiwan Alongside Stupig Pre-Login SYSTEM Backdoor

The Hacker News

Daxin, an advanced malware linked to a Chinese threat actor, has been detected again after a four-year gap, this time within a manufacturing firm in Taiwan. This kernel-mode rootkit, identified as 'srt64.sys', was first reported by Symantec in March 2022. Alongside Daxin, researchers have also discovered a new backdoor called Stupig, which has not been previously documented. The resurgence of Daxin raises concerns about targeted attacks on critical infrastructure, particularly in sectors like manufacturing that are vital to the economy. Organizations in Taiwan and similar industries need to be vigilant and reassess their cybersecurity measures to protect against these sophisticated threats.

Jul 16, 2026

CISA orders feds to patch actively exploited Oracle flaw by Saturday

BleepingComputer

The Cybersecurity and Infrastructure Security Agency (CISA) has mandated that federal agencies address a serious vulnerability in the Oracle E-Business Suite by Saturday. This flaw is being actively exploited in the wild, posing risks to financial operations managed through the software. Agencies are urged to take immediate action to protect their systems from potential attacks that could compromise sensitive financial data. The urgency of this directive reflects the critical nature of the vulnerability and the potential impact on government operations if left unaddressed.

Jul 16, 2026