Planned Parenthood cyber attack exposes data of 400,000 patients

Patients have been advised to check their health insurance statements for fraudulent activity

A view of the outside of a Planned Parenthood facility in Washington, DC

The Los Angeles chapter of nonprofit healthcare provider Planned Parenthood has fallen victim of a cyber attack that has exposed the data of an estimated 400,000 patients.

The incident, which took place in October, saw an unauthorised person gain access to Planned Parenthood LA’s networks and steal files from its systems.

The compromised information includes home addresses, insurance information, dates of birth, as well as information relating to procedures and prescriptions.

A letter detailing the attack was sent out to affected patients on 30 November, a copy of which was obtained by the Washington Post.

Planned Parenthood stated that it has “no evidence” that the stolen data “has been used for fraudulent purposes”.

The organisation has launched an investigation into the incident alongside a “third-party cyber security firm”, as well as notifying law enforcement. It also committed to enhancing its cyber security measures by increasing network monitoring and expanding its own cyber security team. However, it didn’t disclose whether the attackers had requested a ransom, and whether it had been paid.

Patients were advised to review their health insurance statements in case their data was being used to charge for services they weren’t using.

However, the breach could present other threats, especially in the US’ increasingly-polarised political climate regarding reproductive rights. Concerns are mounting that US Supreme Court could overturn the 1973 Roe v Wade and 1992 Planned Parenthood v Casey landmark court case rulings that allows women to have an abortion without excessive government restriction.

Related Resource

The Okta digital trust index

Exploring the human edge of trust

Woman types on a laptop, image is faded purple with title text beside it on white backgroundFree download

It's feared a breach of this kind could make it possible for anti-abortion protesters, who are known to harrass patients outside Planned Parenthood clinics, to identify those who had undergone the procedure and threaten them.

The breach could also affect patients that are trans and undergoing hormone therapy, which is another Planned Parenthood service that has faced long-standing backlash. Similarly, the data breach could allow for trans patients to be identified and placed in danger.

The incident comes as the latest attack on American healthcare providers, following FBI reports from earlier this year that revealed the Conti ransomware gang had attempted to hack a dozen US healthcare and first responder organisations. Conti was also linked to attacks on Ireland's Health Service Executive (HSE) and its Department of Health (DoH).

Planned Parenthood wasn’t available for comment.

Featured Resources

The challenge of securing the remote working employee

The IT Pro Guide to Sase and successful digital transformation

Free Download

VMware Cloud workload migration tools

Cloud migration types, phases, and strategies

Free download

Practices for maximising the business value of digital infrastructure Consumption-as- a-Service subscriptions

IDC PeerScape

Free Download

Container network security guide for dummies

Enforcing Kubernetes best practices

Free download

Recommended

Meta files lawsuit to uncover hackers targeting Facebook, WhatsApp
phishing

Meta files lawsuit to uncover hackers targeting Facebook, WhatsApp

21 Dec 2021
Five things to consider before choosing an MFA solution
Security

Five things to consider before choosing an MFA solution

17 Dec 2021
Australia and US sign CLOUD Act data-sharing deal to support criminal investigations
cyber crime

Australia and US sign CLOUD Act data-sharing deal to support criminal investigations

16 Dec 2021
UK unveils £2.6 billion National Cyber Strategy
Policy & legislation

UK unveils £2.6 billion National Cyber Strategy

15 Dec 2021

Most Popular

How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

4 Jan 2022
Microsoft Exchange servers break thanks to 'Y2K22' bug
email delivery

Microsoft Exchange servers break thanks to 'Y2K22' bug

4 Jan 2022
Solving cyber security's diversity problem
Careers & training

Solving cyber security's diversity problem

5 Jan 2022