Planned Parenthood data breach exposes 400,000 patients
Reproductive healthcare non-profit Planned Parenthood Los Angeles (PPLA) has suffered a ransomware attack that exposed the personally identifiable information of hundreds of thousands of patients.
The organization recently notified its patients that a breach had occurred between October 9 and 17, during which a database with information on 400,000 users was stolen. According to the announcement, the company has taken the usual steps to minimize the damage.
“On October 17, we identified suspicious activity on our computer network. We immediately took our systems offline, notified law enforcement, and a third-party cybersecurity firm was engaged to assist in our investigation,” explained PPLA.
“The investigation determined that an unauthorized person gained access to our network between October 9, 2021 and October 17, 2021, and exfiltrated some files from our systems during that time.”
The crooks made away with sensitive patient data, including addresses, insurance information, birth dates, and clinical information, the organization confirmed.
The identity of the ransomware group responsible for the attack has not been disclosed.
Ransomware, data theft, DDoS, threats
Ransomware attacks are usually a multi-step process. First, employees are targeted with phishing, spear-phishing or social engineering attacks that, if successful, provide attackers with login credentials for the organization’s network.
The malicious actors often lurk within the target network for weeks, identifying and slowly extracting sensitive data. Only once enough sensitive data has been extracted do the criminals deploy actual ransomware and encrypt the data on the target network.
A ransom is then demanded from the victim, usually in cryptocurrency, in exchange for the decryption key. Given that more and more companies have started deploying backups to combat ransomware, crooks also threaten to release the data online, if their demands are not swiftly met.
These threats are often paired with Distributed Denial of Service (DDoS) attacks, and phone threats, as well.
Reproductive healthcare non-profit Planned Parenthood Los Angeles (PPLA) has suffered a ransomware attack that exposed the personally identifiable information of hundreds of thousands of patients. The organization recently notified its patients that a breach had occurred between October 9 and 17, during which a database with information on 400,000 users…
Recent Posts
- Another Microsoft vulnerability is being used to spread malware
- How to make your smartphone last longer
- Nuclear weapons in space are bad news for the entire planet
- The Best Instax Cameras and Printers (2024): Film Types, Tips, and More
- Star Wars: Battlefront Classic Collection gets swept up in more controversy as Aspyr may have used uncredited work from modders
Archives
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- December 2011