Planned Parenthood of Montana, a sexual and reproductive health provider, was hit by a ransomware attack earlier this week, losing gigabytes of sensitive customer data.
The company’s CEO and president of the Planned Parenthood Montana office, Martha Fuller, confirmed the news to The registerproviding the usual, pre-packaged statement about how the company has activated its incident response protocol, notified law enforcement and is taking the matter “very seriously.”
“We are grateful to our IT staff and cybersecurity partners, who are working around the clock to safely restore affected systems as quickly as possible, and who are tirelessly investigating the cause and scope of the incident,” she told the publication. “That investigation is ongoing.”
RansomHub takes the blame
While Planned Parenthood of Montana is investigating, the hackers behind the attack have already added the organization to the data breach site and are threatening to release gigabytes of data unless a ransom is paid. The group, according to the same source, is RansomHub, the notorious threat actor that spun off from the defunct ALPHV. In fact, earlier this week, CISA and friends issued a new security advisory warning organizations in both the public and private sectors of the dangers RansomHub poses to their operations.
On the breach site, RansomHub claims to have stolen 93GB of sensitive data and has given the organization seven days to return the money. So far, neither Planned Parenthood nor RansomHub have discussed the nature of the stolen data, so we don’t know how much personally identifiable information (PII) was found in the archives.
It’s also worth noting that Planned Parenthood of Montana is a nonprofit organization, and most of its funding comes from government grants and various donations. Whether the organization has enough money to pay the ransom demand is still in question.