Η Planned Parenthood LA he revealed data breach affecting approximately 400.000 patients. The data breach seems to be the result of a ransomware attack that took place in October.
According to a notice sent to patients of the Planned Parenthood Los Angeles ("PPLA"), the cyber-attack took place between October 9 and 17 and allowed the attackers to steal files from the breached network.
"On October 17, 2021, we located suspicious activity on our computer network. We immediately took our systems offline, notified law enforcement and a cybersecurity company assisting with our investigation.", Explains Planned Parenthood LA to patients affected by data breach.
"The investigation found that an unauthorized person acquired access to our network between 9 October 2021 and 17 October 2021 and stole some files from our systems during this period".
However, the organization found that the stolen files contained patients' personal information on November 4th. The details of the patients exposed include: address, insurance details, date of birth and clinical information, such as diagnosis, prescriptions, etc.
In a statement to the Washington Post, a spokesman for Planned Parenthood LA, John Erickson, admitted that the data breach was caused by a ransomware attack and said the stolen files contained the personal data of about 400.000 patients.
Many times, ransomware gangs break into a network and "stay" inside for days, if not weeks, while stealing files and uploading them to their servers. Once they have completed the collection of valuable data, develop ransomware to encrypt all devices on the network.
They then use the stolen data to blackmail the victims, in order to increase their chances of receiving the information. ransom.
We do not yet know which ransomware gang is behind the Planned Parenthood LA attack and data breach. We also do not know if the organization has paid the ransom. If the ransom is not paid, we will probably find out who is responsible after the data is published.
What should patients affected by data breach do?
According to the organization, no financial information was affected. However, information such as names, addresses, date of birth and health information have been violated. These could be used for carrying out more targeted attacks.
Therefore, all affected patients should be on alert for strange emails or SMS messages.
If patients receive a message requesting sensitive information claiming to be from PPLA, they should contact Planned Parenthood LA immediately to see if the email is legal.
Source: Bleeping Computer