Tech

Ransomware gang hits Planned Parenthood—threatens data dump

The cybercrime group released some financial files as proof.

Photo of Mikael Thalen

Mikael Thalen

Planned Parenthood sign over computer code

A ransomware gang hacked a Planned Parenthood branch and is threatening to release files from the organization next week.

In a post to their dark web leak site on Wednesday, the cybercrime group RansomHub alleges it stole 93GB of data from a Planned Parenthood clinic based in Montana.

A countdown timer accompanying the post indicates that the group gave the clinic seven days to pay an undisclosed ransom. Failure to do so could result in the publication of the alleged files, though many ransomware groups don’t follow through on their promises to dump data.

In Body Image

RansomHub already leaked a small sample of documents, which includes the clinic’s annual budget.

Another file details a bill to Planned Parenthood for several thousand dollars from a payment platform company, while a third document pertains to the clinic’s liability insurance.

The final document shown in the leak preview stems from a lawsuit against numerous defendants, which includes Planned Parenthood of Montana.

In response to questions about RansomHub’s claims, Planned Parenthood of Montana President and CEO Martha Fuller told the Daily Dot that it “identified a cybersecurity incident” on Aug. 28 and implemented incident response protocols as a result.

“That investigation is ongoing. We are aware of the RansomHub post, and want to assure our community that we are taking this matter very seriously,” Fuller said. “We have reported this incident to federal law enforcement, and will support their investigation.”

The post from RansomHub comes just days after the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a new security advisory about the group.

RansomHub first appeared in February of this year and, according to CISA, has already encrypted and stolen data from at least 210 victims. The group leverages what is known as a double-extortion model, which involves both encrypting systems as well as stealing files for ransom.

CISA further notes that RansomHub’s victims come from numerous industries, such as “water and wastewater, information technology, government services and facilities, healthcare and public health, emergency services, food and agriculture, financial services, commercial facilities, critical manufacturing, transportation, and communications critical infrastructure sectors.”

The ransomware gang has not hinted at what other information it obtained in its hack of the clinic.


Internet culture is chaotic—but we’ll break it down for you in one daily email. Sign up for the Daily Dot’s web_crawlr newsletter here. You’ll get the best (and worst) of the internet straight into your inbox.

 
The Daily Dot