RansomHub has announced a significant breach of Intermountain Planned Parenthood, claiming the theft of 93GB of sensitive data. As the healthcare provider conducts an investigation into this cyber attack, experts are sounding the alarm about increasing ransomware threats targeting essential sectors.
The RansomHub cybercrime group has asserted responsibility for infiltrating Planned Parenthood, specifically the Intermountain branch in Montana. This organization, known for its healthcare services across the United States, is now at the center of a serious data security incident.
Hackread.com’s research team has reported that RansomHub has showcased a portion of the claimed stolen data on its dark web leak site, revealing the extent of the breach. The leaked data reportedly encompasses a substantial 93GB of private information, with the group threatening to release more if a ransom is not paid, although the precise amount being demanded remains undisclosed.
Intermountain Planned Parenthood has confirmed the breach and is taking immediate action to mitigate the impact. An investigation is in progress to determine the extent of the compromised information. Martha Fuller, the CEO and President of Planned Parenthood of Montana, emphasized the organization’s rapid response, stating, “On August 28, 2024, we identified a cybersecurity incident affecting our IT systems and implemented our incident response protocols, including taking portions of our network offline.”
RansomHub, which emerged in early 2024 as a ransomware-as-a-service operation, primarily engages in the theft of data rather than file encryption. Security analysts suggest that RansomHub has evolved from the now-defunct Knight ransomware, also known as Cyclops. This group has already targeted over 210 victims across several critical sectors, making this breach particularly alarming given the recent FBI and CISA advisories warning of RansomHub’s amplified activity.
The #FBI, @CISAgov and other partners have released a joint
#CybersecurityAdvisory on Ransomhub, a ransomware-as-a-service (RaaS) variant that has claimed at least 210 victims in multiple critical infrastructure sectors. Click for details and mitigations:
https://t.co/vnQ5H0uVo6— FBI (@FBI)
August 29, 2024
Insights from Ferhat Dikbiyik, Chief Research and Intelligence Officer of Black Kite, indicate that RansomHub’s rapid ascent in the ransomware domain is propelled by an aggressive affiliate model and a roster of high-profile victims, including Halliburton and Planned Parenthood. His analysis reveals that 40% of their attacks are directed at professional services and manufacturing sectors, with U.S. companies comprising one-third of their targets. Critical industries—energy, healthcare, telecommunications, and financial services—are especially vulnerable to their tactics.
Dikbiyik warns of the broader consequences of these attacks, citing that incidents like the Halliburton breach illustrate the potential for widespread disruptions, including supply chain interruptions and energy shortages. The attack on Planned Parenthood underlines RansomHub’s focus on entities managing sensitive data and highlights the imperative for organizations to fortify their vulnerability management and third-party risk assessments, particularly as critical infrastructure remains under threat.
Historically, Planned Parenthood has faced cyber threats before, including a significant 2015 DDoS attack and breaches attributed to anti-abortion hacktivists. These past incidents follow a trend showcasing that all organizations, irrespective of their mission or scale, are susceptible to cyber invasions. This article will be updated as more information emerges. Stay informed.
RELATED TOPICS
- Non-Profit Blood Center OneBlood Hit by Ransomware Attack
- Iranian Hackers Team Up with Ransomware Gangs Against US
- PythonAnywhere Cloud Platform Abused for Hosting Ransomware
- Qilin Ransomware Upgrade: Now Steals Google Chrome Credentials
- BlackByte Ransomware Exploits VMware Flaw in VPN-Based Attacks
