Planned Parenthood data breach exposes 400,000 patients

The heathcare non-profit suffered a ransomware attack

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Reproductive healthcare non-profit Planned Parenthood Los Angeles (PPLA) has suffered aransomwareattack that exposed the personally identifiable information of hundreds of thousands of patients.

The organization recently notified its patients that a breach had occurred between October 9 and 17, during which adatabasewith information on 400,000 users was stolen. According to the announcement, the company has taken the usual steps to minimize the damage.

“On October 17, we identified suspicious activity on our computer network. We immediately took our systems offline, notified law enforcement, and a third-party cybersecurity firm was engaged to assist in our investigation,” explained PPLA.

“The investigation determined that an unauthorized person gained access to our network between October 9, 2021 and October 17, 2021, and exfiltrated some files from our systems during that time.”

The crooks made away with sensitive patient data, including addresses, insurance information, birth dates, and clinical information, the organization confirmed.

The identity of the ransomware group responsible for the attack has not been disclosed.

Ransomware, data theft, DDoS, threats

Ransomware attacks are usually a multi-step process. First, employees are targeted with phishing, spear-phishing or social engineering attacks that, if successful, provide attackers with login credentials for the organization’s network.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

The malicious actors often lurk within the target network for weeks, identifying and slowlyextracting sensitive data. Only once enough sensitive data has been extracted do the criminals deploy actual ransomware and encrypt the data on the target network.

A ransom is then demanded from the victim, usually in cryptocurrency, in exchange for the decryption key. Given that more and more companies have started deployingbackupsto combat ransomware, crooks also threaten to release the data online, if their demands are not swiftly met.

These threats are often paired with Distributed Denial of Service (DDoS) attacks, and phone threats, as well.

ViaBleeping Computer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

WatchGuard Firebox M390 review