Cyber Incident Victim: Fred Hutchinson Cancer Center

The Fred Hutchinson Cancer Center detected unauthorized cyber activity affecting limited portions of its clinical network during Thanksgiving week of 2023, with the incident first identified on or around November 20. Hospital staff observed anomalous behavior confined to clinical operations rather than research systems, prompting immediate internal investigations. Christina VerHeul, the organization's associate vice president of communications, publicly disclosed the breach on November 23 while emphasizing that impact assessments remained ongoing. Forensic specialists were engaged to analyze the scope of compromised data and systems, though no specific technical details about the attack vector or threat actor were released. Clinical operations continued without reported disruptions during the investigation phase.

Fred Hutch officials confirmed the breach exclusively targeted clinical network segments but did not specify whether patient records, employee data, or medical devices were affected. The center acknowledged potential risks to patient and employee information but stated definitive conclusions about data exposure required further forensic examination. No ransomware claims or extortion demands were referenced in initial disclosures. Response teams prioritized determining the breach's duration, entry points, and data exfiltration extent while maintaining clinical services. The organization committed to notifying affected individuals pending investigation results but provided no timeline for public updates or regulatory filings.