Planned Parenthood Los Angeles says hack breached 400,000 patients' information

Source: Washington Post

A hacker gained access to the personal information of hundreds of thousands of Planned Parenthood patients last month, the reproductive health-care group’s Los Angeles branch said Wednesday. The breach is limited to the Los Angeles affiliate, and spokesperson John Erickson said there is no indication at this point that the information was “used for fraudulent purposes.”

But an investigation is ongoing, he said, and information was compromised for about 400,000 patients of the organization at the center of the country’s fierce debates over abortion rights. Someone gained access to Planned Parenthood Los Angeles’ network between Oct. 9 and Oct. 17, installed malicious software and “exfiltrated” some files, Erickson said in a statement.

Letters from PPLA to affected patients warned that “we identified files that contained your name and one or more of the following: address, insurance information, date of birth, and clinical information, such as diagnosis, procedure, and/or prescription information.”Erickson said the attack involved a specific type of malware called ransomware that was behind this year’s shutdown of a major fuel pipeline — a wide-ranging hack on U.S. energy infrastructure.

Ransomware is a malicious computer code that hackers deploy to block an organization’s access to its own computer network to extort a ransom. Erickson did not immediately respond to questions about whether PPLA paid a ransom and how malware affected its systems.

Read more: https://www.washingtonpost.com/nation/2021/12/01/los-angeles-planned-parenthood-hack/