After conducting an investigation, the organization learned that the stolen files contained personal data of its patients. Planned Parenthood revealed in a breach notification that the incident occurred in October this year. At this time, the actor responsible for the incident remains unidentified. However, the organization has not found any trace of fraudulent activity involving the stolen data. John Erickson, spokesperson for Planned Parenthood LA, said, “Unfortunately, we do not know the identity of the person responsible, which is not uncommon in these situations. However, we have no indication this was a targeted attack.”
Details on the Stolen Patient Data and Subsequent Measures Taken by Planned Parenthood
Planned Parenthood is a non-profit organization that provides sexual and reproductive healthcare services. It has a global presence and actively advocates for policies to protect and expand reproductive rights. In the breach notification to the victims, the organization said it detected suspicious activity on October 17, 2021. A preliminary investigation revealed that the perpetrator accessed its network sometime between October 9 and October 17 and exfiltrated certain files. The stolen files contained the patients’ name, along with one or more of the following information:
address insurance information date of birth clinical information (for diagnosis, procedure, prescription information, etc.)
Planned Parenthood urged its patients to review statements from their health insurers and healthcare providers, and to be aware of any charges for unauthorized services. The organization said it has and will “continue to take steps to enhance our existing security measures and to help protect the information in our care.” These measures include:
Increased network monitoring Expanding its internal cybersecurity resources and talent Engaging an external cybersecurity firm
Rise in Cyber Attacks on the US’ Critical Infrastructure Sectors
The incident is the latest in a growing list of attacks on US healthcare and other critical infrastructure sectors. In fact, several US federal agencies, such as CISA and the FBI, regularly put out advisories warning organizations about cyber threats. For example, three US agencies released a joint advisory in October warning the country’s healthcare sector of impending ransomware attacks and data thefts. Similarly, federal agencies warned that Iran-backed hackers were targeting the country’s transportation and public health sectors. One of the more worrying attacks in recent memory comes from north of the border. Last month, a cyberattack shutdown the healthcare IT systems in the Canadian province of Newfoundland and Labrador.