Planned Parenthood of Montana Falls Victim to Cyber Attack

Planned Parenthood of Montana was targeted in a cyber attack that exposed 93 gigabytes of data. Allegedly, RansomHub is claiming responsibility for the breach and threatening to leak the data if a ransom is not paid. 

Planned Parenthood of Montana discovered the breach on August 28, 2024. Their IT team is currently investigating the extent of the compromised data.  

Thomas Richards from Synopsys Software Integrity Group stated, “The attack on Planned Parenthood is part of a concerning trend of healthcare providers being targeted by ransomware groups. Cyberattacks are on the rise across different industries as ransomware groups exploit organizations with weaker cybersecurity measures. Patients of Planned Parenthood are advised to enroll in credit monitoring services and remain vigilant against any fraudulent activities.”

Kevin Kirkwood, CISO at Exabeam, commented, “Following a cyberattack, Planned Parenthood has taken several systems offline to contain the breach. The attack, allegedly carried out by RansomHub, comes after a joint cybersecurity warning issued by the FBI and CISA, highlighting the group’s increasing targeting of various sectors such as government services, water and wastewater, transportation, and healthcare. 

“This incident underscores the persistence of modern threat actors. To combat evolving threats, organizations must continuously refine their Threat Detection and Incident Response (TDIR) processes. The recent advisory on RansomHub by the FBI and CISA outlined key tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs), which should form the basis for threat detection and mitigation efforts. It stressed the importance of keeping systems updated and implementing network segmentation to restrict attackers’ movement within systems. 

“A proactive cybersecurity approach involves adapting security measures to new TTPs and IOCs. Organizations should update their rules in their SIEM solution to alert the SOC team promptly. These mitigation strategies are crucial for organizations to effectively counter threats from RansomHub and bolster their cybersecurity defenses.”