Ransomware attack on Planned Parenthood steals data of 400,000 patients

  News
image_pdfimage_print
A ransom message on a monochrome computer screen.

Ransomware hackers broke into a Planned Parenthood network and accessed medical records or other sensitive data for more than 400,000 patients of the reproductive health care group.

The disclosure came in a sample letter posted to the California attorney general’s website and a release published by the organization. Both said that the intrusion and data theft was limited to patients of Planned Parenthood’s Los Angeles chapter. Organization personnel first noticed the hack on October 17 and conducted an investigation.

“The investigation determined that an unauthorized person gained access to our network between
October 9, 2021 and October 17, 2021, and exfiltrated some files from our systems during that time,” the letter stated. It went on to say: “On November 4, 2021, we identified files that contained your name and one or more of the following: address, insurance information, date of birth, and clinical information, such as diagnosis, procedure, and/or prescription information.”

The release said that the intruder “installed malware/ransomware and exfiltrated some files from its systems during that time.” The organization said it has no evidence the stolen data has been used for fraudulent purposes. Planned Parenthood of Los Angeles spokesman John Erickson didn’t respond to a question asking if the organization could rule out that possibility.

Ransomware has become a scourge that hits both Fortune 500 firms and small nonprofits alike. The criminals behind the attacks routinely extort money, with the threat to not only lock up victims’ computer networks, but also to leak sensitive data online if the ransom goes unpaid. There are no reports of any of the Planned Parenthood data being published.

In May, hackers hit Colonial Pipeline with a ransomware attack that caused disruptions in gasoline distribution in the southeastern United States. A few weeks later, JBS SA, the world’s biggest meat producer, suffered a ransomware attack that shut down operations at five of the biggest JBS beef plants in the US. A Canadian JBS beef plant that processes almost a third of the country’s federally inspected cattle was also shut down.

Nonprofit organizations, meanwhile, have also been menaced by ransomware, with hospitals, homeless shelters, and community groups all in the crosshairs. Earlier this year, data belonging to a Planned Parenthood chapter in the District of Columbia was also held for ransom.

Word of the latest Planned Parenthood attack comes as the availability of abortions in many states has come under threat in state legislatures. The US Supreme Court on Wednesday heard oral arguments in a case challenging the constitutionality of a Mississippi law that effectively bans the procedure after 15 weeks of pregnancy.

https://arstechnica.com/?p=1817677