The Los Angeles chapter of Planned Parenthood (PPLA) issued a data breach notification Wednesday saying that attackers exfiltrated a treasure trove of patient data when the organization suffered a ransomware attack in October.
According to PPLA, which operates 21 health centers in Los Angeles, an unidentified attacker stole the personal information of approximately 400,000 patients.
In letters sent to the affected patients, PPLA said it “identified suspicious activity on our computer network” on October 17 and “immediately took our systems offline, notified law enforcement, and a third-party cybersecurity firm was engaged to assist in our investigation.”
Following a weeks-long review of the incident, however, the healthcare provider found on November 4 that the threat actors exfiltrated deeply sensitive patient information, including their “address, insurance information, date of birth, and clinical information, such as diagnosis, procedure, and/or prescription information.”
According to PPLA's breach notification, there is no indication at this time that the stolen data has been used for fraudulent purposes. The document did not state whether PPLA paid any ransom, or whether the ransomware payload planted by the attackers caused any additional damage to the organization beyond data exfiltration.
“We have and will continue to take steps to enhance our existing security measures and to help protect the information in our care, including increasing our network monitoring, engaging an external cybersecurity firm, and hiring additional cybersecurity resources and talent to our team,” reads the organization’s statement.
PPLA recommends that patients whose personal information was stolen by the attacker “review statements you receive from your health insurer and health care providers.” In case of unusual charges, the victims are to immediately contact their insurer or provider.
If you have provided your information to PPLA, we also recommend setting up identity theft monitoring via your bank. In case of any suspicious activity or fraud, do the following as soon as possible:
- Report identity theft to law enforcement
- Notify your creditors, bank, and other financial or insurance services of possible identity theft
- Review recent activities on your online accounts and watch out for suspicious emails, messages, and requests