On Tuesday 30th of November 2021, Planned Parenthood Los Angeles disclosed they had experienced a ransomware attack in October that has led to the exposure of the personal information of approximately 400,000 patients. In a letter sent to affected patients, Planned Parenthood said that the ransomware attack was conducted against their network between October 9th and October 17th. But Planned Parenthood discovered the incident on the 17th when they had detected signs of the attack which led to them taking its systems offline and contacted law enforcement and cybersecurity investigators.
“On October 17, 2021, we identified suspicious activity on our computer network. We immediately took our systems offline, notified law enforcement, and a third-party cybersecurity firm was engaged to assist in our investigation,” – Planned Parenthood Los Angeles.
Further in the letter, Planned Parenthood Los Angeles revealed that it took until November 4th for them to determine what kind of data could have been exposed by the incident. They stated that the stolen files contained patients’ personal information, including their “address, insurance information, date of birth, and clinical information, such as diagnosis, procedure, and/or prescription information.”
Currently, it is unknown which ransomware gang is responsible for the incident and whether a ransom has been paid. The letter also details recommended steps for the affected patients to take as the stolen data is said to contain medical information and therefore could have a significant impact if publicly released especially as the data could be used to perform more targeted attacks in the future. The recommended steps are all affected patients are advised to keep a lookout for strange emails or SMS texts regarding their PPLA visits, health information, or other related information.