UH Cancer Center data breach affects nearly 1.2 million people

Cybersecurity Threats Escalate: Breaches, Vulnerabilities, and the Skills Gap

Subtitle: Ransomware attacks, Android vulnerabilities, and a shortage of skilled professionals threaten global cybersecurity

Excerpt: A recent data breach at the University of Hawaii Cancer Center, a zero-day exploit in Android, and a severe shortage of cybersecurity skills highlight the escalating threats to global cybersecurity.

The University of Hawaii Cancer Center has confirmed that a ransomware gang stole the data of nearly 1.2 million individuals after breaching its Epidemiology Division in August 2025. The breach, which occurred in August, was only recently discovered, and notification letters were sent to over 87,000 people enrolled in the center's Multiethnic Cohort (MEC) Study between 1993 and 1996.

What Happened

The breach at the University of Hawaii Cancer Center is just one example of the growing threat of ransomware attacks. According to the World Economic Forum, the global cost of cybercrime is projected to reach $6 trillion by 2025. The attack on the University of Hawaii Cancer Center is particularly concerning, given the sensitive nature of the data stolen.

In addition to the breach, a zero-day vulnerability in Android has been discovered, which is being actively exploited by attackers. The vulnerability, known as CVE-2026-21385, affects 235 Qualcomm chipsets and can be used to trigger memory corruption.

Why It Matters

The escalating threat of cybersecurity breaches and vulnerabilities highlights the need for skilled professionals to protect against these threats. However, a severe shortage of cybersecurity skills is hindering efforts to build sustainable cybersecurity talent pipelines. According to the World Economic Forum, only 14% of organizations are confident they have the people and skills required to meet their cybersecurity objectives.

Key Factors Impacting the Cyber Skills Gap

• Budget cuts: Reduced budgets are driving a security team shortage, according to Sameer Ansari, global CISO solutions leader at Protiviti.
• Burnout: Existing cybersecurity talent is increasingly searching for other opportunities due to high stress and an always-on mentality.
• Increasing threat complexity: The growing sophistication of cyber threats is making it harder for organizations to find skilled professionals.
• Lack of diversity: The cybersecurity industry lacks diversity, which is limiting the pool of potential candidates.
• Education and training: There is a need for more education and training programs to develop cybersecurity skills.
• Certification: Certification programs are not keeping pace with the rapidly evolving threat landscape.
• Retirement: The retirement of experienced cybersecurity professionals is exacerbating the skills shortage.

What Experts Say

> "The cybersecurity skills gap is a major concern for organizations. We need to invest in education and training programs to develop the skills we need to protect against these threats." — Sameer Ansari, global CISO solutions leader at Protiviti

Key Facts

• Who: University of Hawaii Cancer Center
• What: Ransomware attack and data breach
• When: August 2025
• Where: Hawaii, USA
• Impact: 1.2 million individuals affected

What Comes Next

The escalating threat of cybersecurity breaches and vulnerabilities highlights the need for urgent action to address the skills shortage. Organizations must invest in education and training programs to develop the skills needed to protect against these threats. Additionally, governments and industries must work together to address the root causes of the skills shortage and develop a more sustainable cybersecurity talent pipeline.