A notorious ransomware gang has claimed the theft of over 90 gigabytes of data allegedly stolen from nonprofit reproductive health organization Planned Parenthood.
The cybercriminal group, operating the RansomHub ransomware operation, has hit over 200 victims since the beginning of the year, the US government noted in an advisory last week.
The ransomware gang is known for targeting organizations in the communications, critical infrastructure, financial, food and agriculture, government, manufacturing, and transportation sectors.
On Wednesday, RansomHub listed Planned Parenthood on its Tor-based leak site, threatening to leak 93 Gb of data supposedly exfiltrated from the nonprofit last week.
The ransomware group has published a series of confidential documents as proof of intrusion into Planned Parenthood’s network and threatens to make all the data public within seven days, unless a ransom is paid.
Without sharing specific details on the intrusion, the nonprofit has confirmed that Planned Parenthood of Montana has fallen victim to a cyberattack and that certain systems were taken offline to contain the incident.
“On August 28, 2024, Planned Parenthood of Montana (PPMT) identified a cybersecurity incident affecting our IT systems. We immediately implemented our incident response protocols, including taking portions of our network offline as a proactive security measure,” PPMT CEO and president Martha Fuller told SecurityWeek.
She also noted that PPMT’s IT staff is working with cybersecurity partners to restore the affected systems and that law enforcement has been notified. Fuller also acknowledged RansomHub’s claims, but made no comment regarding their validity.
Advertisement. Scroll to continue reading.
“We also want to thank our providers and health center staff, for working to minimize any operational disruptions and continue providing care to our patients. We appreciate our community’s patience and understanding as we work to address this incident,” Fuller added.
As the investigation into the attack continues, PPMT has yet to confirm whether the attacks have exfiltrated any personal information and the number of potentially affected individuals.
This is not the first time Planned Parenthood has fallen victim to hackers. In December 2021, it revealed that information on 400,000 patients was stolen in a ransomware attack at its Los Angeles branch. The same year, the Metropolitan Washington branch was hacked, and information on hundreds of Planned Parenthood employees was leaked online in 2015.
Related: Microchip Technology Confirms Personal Information Stolen in Ransomware Attack
Related: Halliburton Confirms Data Stolen in Cyberattack
Related: Watch on Demand: Cloud & Data Security Summit
Related: RubyCarp: Insights Into the Longevity of a Romanian Cybercriminal Gang