Ransomware Attack on The Cancer Center of Hawaii Delayed Radiation Therapy for Patients

Share this article on:

On November 5, 2019 The Cancer Center of Hawaii in Oahu was attacked with ransomware. The attack forced the Cancer Center to shut down its network servers, which meant it was temporarily prevented from providing radiation therapy to patients at Pali Momi Medical Center and St. Francis’ hospital in Liliha.

While patient services experienced some disruption, no patient information is believed to have been accessed by the attackers. The forensic investigation into the breach is ongoing but all data stored on its radiology machines has been recovered and its network is now fully operational.

It is unclear for how long its network was down and no information has been released so far on the types of patient information that may have been accessed.

The Cancer Center has notified the FBI about the breach and will report the incident to appropriate authorities, if the forensic investigators confirm that patient data may have been accessed.

The breach was confined to the Cancer Center’s systems. Pali Momi Medical Center and St. Francis’ hospital were unaffected by the attack as their patient data and systems are isolated from the Cancer Center.

Zuckerberg San Francisco General Hospital Alerts Patients to Improper Disposal Incident

1,174 patients of Zuckerberg San Francisco General Hospital are being notified that meal tickets containing a limited amount of their protected health information have been disposed of in an improper manner.

The meal tickets contained patients’ full names, their bed/unit in the hospital, birth month, dietary information, and the menu they received. The tickets should have been disposed of in confidential waste bins but were accidentally disposed of with regular trash.

The breach was due to an employee being unaware that the meal tickets needed to be sent for shredded. The San Francisco Department of Health learned about the improper disposal incident on November 15, 2019. The employee had been disposing of the meal tickets in regular trash bins between June 18 and November 4. The employee has since been advised of the correct procedures for the disposable of sensitive information.

The breach report submitted to the Department of Health and Human Services’ Office for Civil rights shows 1,174 patients have been affected.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.

Share This Post On