Ransomware Attack on Planned Parenthood Compromises Data on Over 400,000 Patients


A ransomware attack on the Los Angeles branch of Planned Parenthood has compromised data on approximately 400,000 patients, the organisation revealed this week. The breach, which involves highly sensitive information, has come to light just as a legal drama over women’s reproductive rights and a Mississippi abortion law plays out at the Supreme Court.

According to the Washington Post, which initially reported the breach, the attack took place in October, though PPLA only recently discovered that patient data had been affected and subsequently sent out notifications to affected parties.

“On October 17, 2021, we identified suspicious activity on our computer network. We immediately took our systems offline, notified law enforcement, and a third-party cybersecurity firm was engaged to assist in our investigation,” reads an obligatory breach notice filed with the California Attorney General’s office.

In a statement shared with Gizmodo by spokesman John Erickson, the PPLA said that its investigation had shown an “unauthorised person” gained access to its network between Oct. 9 and Oct. 17 and “installed malware/ransomware and exfiltrated some files from its systems during that time.”

Over the past year, ransomware attacks have reached epidemic proportions in America. Malware-fuelled incidents involving the food and beverage industry, energy sector, state and local government, and pretty much every other realm of public life have kept the nation in a state of high-frequency anxiety, a problem the Biden administration has repeatedly promised to address.

In Planned Parenthood’s case, it would appear that the data that was stolen is quite extensive. The PPLA recently sent out notifications to patients, warning them that “we identified files that contained your name and one or more of the following: address, insurance information, date of birth, and clinical information, such as diagnosis, procedure, and/or prescription information.” Aside from the obviously invasive nature of the breach, such data could quite easily be used in identity fraud.

Bleeping Computer notes that it’s currently unclear which ransomware gang was behind the attack. From the available reporting, it’s also not clear whether PPLA discovered a ransom note, is in active communication with the hacker gang, or has paid a ransom. It’s possible that a specific gang may soon claim responsibility for the attack, after which, if PPLA has not yet paid, they would likely begin leaking the stolen data, a common extortion tactic used by cybercriminals.

The attack on the women’s health organisation has occurred just as a fight over women’s reproductive health unfolds in the Supreme Court. The court is currently considering whether to uphold or overturn a Mississippi law passed by the state’s legislature in 2018, the Gestational Age Act, which bans abortions after 15 weeks of pregnancy without making exceptions for rape and incest. The law has deeply alarmed abortion rights activists — with many claiming that the legal fight over this law could effectively overturn Roe v. Wade, the landmark abortion rights case. As of right now, it appears that the court will likely uphold the law.