HQ/EMEAFind out how we can help your business
Planned Parenthood has confirmed that it suffered a cybercriminal incident that compromised its IT systems. Reports revealed that the company has taken some of its infrastructure offline to isolate the attack and mitigate its damages.
The affected entity is a New York-based nonprofit organisation that offers various reproductive healthcare services, birth control education, and healthy lifestyle advocacy. It is one of the significant providers of reproductive and sexual health services in the US.
Moreover, the company’s CEO revealed that the attack occurred late last month and that they are currently assessing the scope and impact of the malicious incident. The representative explained that its cybersecurity team discovered the incident after it affected its IT systems On August 28, 2024.
The company assured everyone that it immediately responded to the incident, including taking down the compromised network to prevent further damage. Additionally, Planned Parenthood’s CEO thanked Montana’s IT personnel for their prompt response and continued efforts to restore systems.
RansomHub admitted that it attacked Planned Parenthood.
The notorious RansomHub ransomware group claimed responsibility for the recent cyberattack on Planned Parenthood. The group released a threat that it would release a purported 93GB worth of data stolen from the company.
In addition, these ransomware operators used their extortion sites on the dark web to expose various confidential documents stolen from Planned Parenthood to make their claims legitimate.
Last week, various government agencies released a joint advisory concerning RansomHub’s tendency to target healthcare companies, which includes this incident. Hence, Planned Parenthood is the latest victim of this ongoing onslaught of RansomHub.
This organisation provides a wide range of reproductive and sexual healthcare services, including contraception, abortion treatment, and hormone therapy, so a data breach within the organisation can cause a significant threat to the privacy of its patients.
On the other hand, the latest investigation confirmed no evidence of data misuse caused by the stolen information.
This event is not the first incident in which Planned Parenthood suffered and endangered patient data. In 2021, separate ransomware actors infiltrated its Los Angeles department and stole 400,000 patients’ sensitive documents.
Patients of this healthcare institution should be wary of unsolicited communications and be vigilant of their digital presence despite the investigation claiming no data misuse. Threat actors commonly leverage stolen data for transactions in the first weeks of the attack’s aftermath, meaning compromised information might be helpful once a victim refuses to cooperate.
