Ransomware attack on Planned Parenthood LA exposes info for 400,000 patients

Alex Castro illustrated thechorus image.

A report by The Washington Post states that hackers were able to access files containing personal information for hundreds of thousands of patients in the Los Angeles area. The files contained patients' names, addresses, insurance information, date of birth, and clinical information, such as diagnosis, procedure, and/or prescription information, according to a letter sent to affected patients.

Between October 9th and October 17th, the organization says it was hit by the ransomware. On the 17th, the organization noticed the intrusion and took its systems offline. It was determined by early November that the hackers had access to, but it is still not known who the attacker is.

The hack is still being investigated by the organization.

The Washington Post reported that a spokesman for the organization said that it didn't seem like the information had been used for fraudulent purposes and that it didn't appear to be a targeted attack. The data could be valuable if hackers choose to sell it, because it is extremely sensitive and includes a lot of medical services. The data was limited to one organization.

At a time when abortion rights are particularly fraught in the US, the data leak and cyberattack come at a good time. Texas made it illegal to get an abortion after just six weeks of pregnancy, as well as a Mississippi law that prohibits abortions 15 weeks into a pregnant woman's life. Most people will not be able to get an abortion by the time they find out they are pregnant.

Tensions regarding abortion, privacy, and ransomware have risen.

The US Treasury has reported that payouts from the attacks could top a billion dollars for 2021. CNN asked if there was a demand for a ransom made in this case, but a spokesman for the organization didn't reply.