Planned Parenthood Ransomware Attack Leaves 400,000 Patient Records Exposed

by | December 7, 2021 | Cybersecurity News

A recent ransomware attack hit Planned Parenthood LA – threat actors stole approximately 400,000 patient records, including full names and addresses, dates of birth, and comprehensive clinical information.

Planned Parenthood Under Attack Since Early October

Threat actors managed to get access to thousands of patient files containing personal information such as full names and “one or more of the following: address, insurance information, date of birth, and clinical information, such as diagnosis, procedure, and/or prescription information,” according to a letter sent by the organization to affected patients.

The attackers breached the company’s network sometime between October 9th and October 17th. October 17th was when the infiltration was first spotted. Soon after, the organization took its systems offline, and reached out to law enforcement and cybersecurity experts to mitigate the incident. By early November, the investigation showed what the hackers had access to, but had yet to find who the culprit was, according to CNN.

Planned Parenthood LA was targeted by a ransomware attack.
400,000 Planed Parenthood LA patient records were exposed in the latest ransomware attack

“Law enforcement was notified of this incident,” John Erickson, a spokesperson for Planned Parenthood Los Angeles, said in an email to CNN. “Unfortunately, we do not know the identity of the person responsible, which is not uncommon in these situations. However, we have no indication this was a targeted attack.”

“PPLA takes the safeguarding of patients’ information extremely seriously, and deeply regrets that this incident occurred and for any concern this may cause,” the organization said, adding that it has worked to strengthen security defenses.

The Massive Data Breach Could Fuel Further Attacks

Erickson went on to add that it did not seem like the stolen information had been “used for fraudulent purposes.” However, the data breach resulted in a massive 400,000 records in the hands of the perpetrator, highly valuable data that can be sold and used in targeted attacks. Given its extremely sensitive nature – abortion details, birth control, STD testing, hormone therapy for transgender patients, and other medical services – the stolen information can be very useful to hackers.

Not The First Planned Parenthood Data Breach

The non-profit organization has been hacked before. The Metropolitan Washington branch revealed this year that patient and donor data was leaked in 2020.

The organization did not disclose how many patients were affected nor whether the leaked information was used in further attacks. However, an investigation later concluded that there was no fraudulent use of the stolen personal data.

In a 2015 data breach, a cybercriminal group led by a Planned Parenthood critic published personal data online, including names and email addresses for hundreds of the organization’s employees across the country.

“Planned Parenthood is the most trusted women’s healthcare provider in this country, and anti-abortion extremists are willing to do anything to stop women from accessing the reproductive healthcare they are seeking,” said Dawn Laguens, executive vice president of Planned Parenthood at the time.

Sources:

The Verge Ransomware attack on Planned Parenthood LA exposes info for 400,000 patients

CNN Ransomware attack on Planned Parenthood exposes 400,000 patients’ personal data

Attribution:

Photo by Georg Bommeli on Unsplash

by Diana Panduru

Content writer for Attack Simulator. Passionate about all things writing and cybersecurity, and obsessed with driving. I sometimes indulge in pencil drawing, poetry, and cooking for fun.

There’s no reason to postpone training your employees

Get a quote based on your organization’s needs and start building a strong cyber security infrastructure today.