Planned Parenthood of Montana experienced a cyber attack

Image via Unsplash

Planned Parenthood of Montana experienced a cyber attack that allegedly exposed 93 gigabytes of data. At this time, RansomHub has claimed responsibility for the breach and has threatened to leak the data if a ransom is not paid.

According to Planned Parenthood of Montana, the breach was discovered on August 28, 2024. The IT team is currently investigating what data may be compromised.

Thomas Richards, Synopsys Software Integrity Group, comments, “The attack on Planned Parenthood continues the unsettling trend of healthcare providers being targeted by ransomware groups. We see an increase in breaches from different industry verticals as ransomware gangs target organizations that have less robust cybersecurity practices. With how sensitive the breached information is, patients of Planned Parenthood should register for credit monitoring services and be mindful of any medical claims made.”

Kevin Kirkwood, CISO at Exabeam, remarks, “A cyberattack on Planned Parenthood has caused the organization to take various systems offline to limit the extent of the attack. This incident which was allegedly claimed by the RansomHub threat group, follows a joint cybersecurity advisory issued just a week earlier by the FBI and CISA. This advisory warned about the group’s expanding activity, targeting organizations across sectors including government services, water and wastewater, transportation, and healthcare.

“This incident reiterates the growing persistence of today’s threat actors. In response to such evolving threats, cybersecurity must be viewed as an ongoing process of risk reduction. As attackers continuously refine their tactics and techniques, organizations must ensure the effectiveness of their Threat Detection and Incident Response (TDIR) processes.

“The advisory released last week outlined the key tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) for RansomHub which should be used as a foundation for threat detection and mitigation. It also emphasized the importance of keeping systems updated and implementing network segmentation to limit the reach of attackers and lateral movement within systems.

“A security program must be flexible in its approach and adapt to new TTPs and IOCs. Rules should encompass those changes in your SIEM solution and be ready to alert the SOC community as soon as practicable. These mitigations should serve as a base for organizations across sectors to effectively mitigate against RansomHub. By taking these steps, organizations can strengthen their defenses and build a more proactive cybersecurity posture.”

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Jordyn Alger is the managing editor for Security magazine. Alger writes for topics such as physical security and cyber security and publishes online news stories about leaders in the security industry. She is also responsible for multimedia content and social media posts. Alger graduated in 2021 with a BA in English – Specialization in Writing from the University of Michigan. Image courtesy of Alger

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.