In late August, Intermountain Planned Parenthood of Montana suffered a cyberattack which is still under investigation. The attack has been claimed by a ransomware group.
Intermountain Planned Parenthood Inc., doing business as Planned Parenthood Of Montana, is a nonprofit organization that provides sexual health care services. It is not yet known whether any personal information about patients might have been stolen, but that could potentially be devastating.
The patients who rely on Planned Parenthood for care are frequently low-income and face health care disparities due to race, gender, sexuality, or because they live in underserved areas. Sometimes they are minors that have been in contact with the criminal justice system, and they are not eligible for insurance or depend on Medicaid Expansion for coverage.
The group behind the attack, Ransomhub, has claimed responsibility on their leak site where they threaten to publish stolen data to increase the leverage over their victims.
“Intermountain Planned Parenthood, a leading nonprofit organization, is dedicated to empowering individuals in Montana to make informed decisions regarding their sexual and reproductive health.”
The listing on the leak site shows financial information, court papers, and insurance certificates. Ransomhub set a timer for Planned Parenthood. The timer counts to September 11 before the release of all the data.
Ransomhub listed the size of the data set at 93 GB, but ransomware groups have been known to exaggerate, lie, and mislead. They are criminals after all.
As laid out in a recent joint advisory by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Department of Health and Human Services (HHS), RansomHub is a relatively new but very active Ransomware-as-a-Service group known to target healthcare organizations and other critical infrastructure sectors.
According to a recent ThreatDown ransomware report, healthcare and education are the hardest hit sector after “Services” in the US, accounting for 60% and 71% of global attacks in these sectors, respectively.
And in the ThreatDown Ransomware Review of August 2024 we can see that Ransomhub was the gang responsible for the largest number of known attacks in July.
This story will be updated once we find out more about the nature of the stolen data.
There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.
If you want to find out what personal data of yours has been exposed online, you can use our free Digital Footprint scan. Fill in the email address you’re curious about (it’s best to submit the one you most frequently use) and we’ll send you a free report.
We don’t just report on threats – we help safeguard your entire digital identity
Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.