Planned Parenthood has confirmed that it recently experienced a cyberattack, which led to parts of its IT infrastructure being taken offline to manage the situation. The organization, based in New York and a leading provider of reproductive health services in the U.S., is currently investigating the full scope and impact of the breach.
Martha Fuller, CEO and President of Planned Parenthood of Montana, reported that the cybersecurity incident was identified on August 28, 2024. In response, Planned Parenthood implemented its incident response protocols, including taking portions of its network offline as a precautionary measure. Fuller commended the IT team for their swift action and ongoing efforts to restore systems.
The RansomHub ransomware group has claimed responsibility for the attack, threatening to release 93GB of stolen data within six days if their demands are not met. They have already posted various confidential documents on their dark web extortion portal as proof of the breach.
Last week, a joint advisory was issued by the FBI, CISA, the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Department of Health and Human Services (HHS) highlighting RansomHub's targeting of healthcare organizations, with Planned Parenthood being the latest example.
Fuller stated that Planned Parenthood is closely monitoring the situation and has informed the FBI. The organization is still investigating whether any data has been stolen and has not yet confirmed the theft of any patient information.
This incident follows a previous ransomware attack on Planned Parenthood in late 2021, which resulted in the breach of private records for 400,000 patients from the Los Angeles department.