One or more hackers acquired the names, birthdates, addresses, diagnoses, and procedures of some 400,000 patients of Planned Parenthood's Los Angeles branch in October, the organization revealed Wednesday. Someone accessed PPLA's network between Oct. 9 and Oct. 17, installed "malware/ransomware," and "exfiltrated" files, rep John Erickson said in a statement. He did not explain how the ransomware affected PPLA's network or indicate whether a ransom was paid, per the Washington Post. An investigation is ongoing, though there is no sign that the information was "used for fraudulent purposes," Erickson said.
Letters sent to patients warn the stolen files "contained your name and one or more of the following: address, insurance information, date of birth, and clinical information, such as diagnosis, procedure, and/or prescription information." They also outline fraud prevention steps. This comes months after Planned Parenthood's Metropolitan Washington branch revealed confidential patient information was exposed in a 2020 breach. Planned Parenthood provides a variety of health services to men and women, from cancer screenings to vasectomies, though its abortion services "have made it a target of protests, threats and conservative ire," per the Post.
However, "we have no indication this was a targeted attack," Erickson said, per CNN. PPLA said it first detected suspicious activity on Oct. 17 and "immediately took our systems offline." It said it notified law enforcement and retained a cybersecurity firm to investigate before learning on Nov. 4 that patient information had been exposed. "We take safeguarding patients’ information extremely seriously, and have taken steps to address this incident," including by increasing network monitoring and "hiring additional cybersecurity resources and personnel," Erickson said, per the Los Angeles Times. PPLA "deeply regrets that this incident occurred and for any concern this may cause," the statement added. (Read more Planned Parenthood stories.)