Data from 400,000 Planned Parenthood patients compromised

national-cancer-institute-NFvdKIhxYlU-unsplash-(1).jpg

Patient information from over 400,000 Planned Parenthood Los Angeles (PPLA) visitors has been accessed in a cyberattack targeting the California reproductive health provider.

PPLA found suspicious activity on its computer network on October 17, 2021. In response to the breach, the organization notified law enforcement and a third-party cybersecurity investigative team, which is conducting an ongoing investigation into the breach. The cybersecurity team determined that a cyberattacker accessed the PPLA network between October 9 and 17, installed malware and ransomware and exfiltrated files containing patient data from the Planned Parenthood system.

The compromised files contain patient names and at least one of the following identifying attributes: birth dates, addresses, insurance information and clinical data including diagnosis and treatment information. PPLA was made aware of this information on November 4, 2021 and released a statement regarding the cyberattack on November 30.

PPLA has increased their network monitoring and hired cybersecurity experts both external and internal to the organization since the cyberattack.

Madeline Lauver joined Security magazine in 2021 as its Assistant Editor. She covers news affecting enterprise security leaders, including physical security, cybersecurity, leadership and management, risk and resilience and more. Within her role at Security, Lauver focuses on news articles, Web Exclusives, features, and several departments for Security’s monthly digital edition, as well as managing social media and multimedia content. Lauver graduated in 2019 with a BA in English, German and Media Studies from Kalamazoo College.

Service reliability underpins every modern business. Without reliable services, organizations cannot build the trust required to keep their customers loyal or free up time to focus on product innovation and differentiation.