RansomHub, a notorious ransomware group, recently claimed responsibility for breaching Intermountain Planned Parenthood, a leading healthcare provider in the U.S. The group stole a massive 93GB of data and threatened to release it unless a ransom is paid. The exact amount demanded is still unknown, but the implications of this cyber attack are significant.
Planned Parenthood is currently conducting an investigation to determine the extent of the data compromise. Martha Fuller, the CEO and president of Planned Parenthood of Montana, confirmed the cybersecurity incident and stated that the organization is taking proactive measures to address the breach.
Experts have identified RansomHub as a ransomware-as-a-service group that specializes in data theft and extortion rather than file encryption. The group has targeted over 210 victims across critical infrastructure sectors, with the attack on Planned Parenthood being one of the most recent incidents. The FBI and CISA have issued a joint cybersecurity advisory warning about RansomHub’s increased activity and the need for heightened security measures.
Ferhat Dikbiyik, Chief Research and Intelligence Officer of Black Kite, highlighted RansomHub’s rapid growth within the ransomware ecosystem. He explained that the group’s aggressive affiliate model, combined with its attractive incentive structure for affiliates, has contributed to its success in targeting major organizations like Halliburton and Planned Parenthood. Approximately 40% of RansomHub’s attacks target professional services and manufacturing sectors, with U.S. companies accounting for a significant portion of the victims.
The recent attack on Planned Parenthood underscores the vulnerability of organizations, regardless of their size or mission, to cyber threats. This incident serves as a reminder of the importance of robust cybersecurity measures and ongoing monitoring of vulnerabilities in critical infrastructure sectors.
This is not the first time Planned Parenthood has faced cyber attacks. In 2015, the organization was targeted by DDoS attacks and a security breach following a controversial undercover video. The recent ransomware attack further emphasizes the ongoing threat landscape faced by organizations in the healthcare industry.
As the investigation into the breach continues, the healthcare provider is working to mitigate the impact of the cyber attack and enhance its cybersecurity defenses. Organizations across various sectors are urged to stay vigilant and implement proactive measures to protect against ransomware threats.
The evolving tactics of ransomware groups like RansomHub highlight the need for continuous monitoring and response to cybersecurity threats. With cyber attacks becoming increasingly sophisticated and damaging, organizations must prioritize cybersecurity measures to safeguard their data and infrastructure. Stay tuned for updates on this developing story.