A security incident at Planned Parenthood's Los Angeles (PPLA) branch compromised personal data of about 400,000 patients, officials confirmed this week.
News of the breach was confirmed in letters sent to affected patients. These state suspicious activity was detected on the PPLA network on Oct. 17, 2021. Following its discovery, PPLA took its systems offline, notified law enforcement, and hired a third-party security firm to aid in its investigation.
The investigation revealed an unauthorized person gained access to PPLA systems between Oct. 9 and Oct. 17 and exfiltrated files. On Nov. 4, officials learned the type of information compromised. In its letters, PPLA wrote "we identified files that contained your name and one of more of the following: address, insurance information, date of birth, and clinical information, such as diagnosis, procedure, and/or prescription information."
At the time the letters were sent, PPLA stated there was no evidence any information involved in the incident has been used for fraudulent purposes. It does not disclose who might be behind the attack. Recipients of the letters are advised to review statements from their health insurer and health care providers and monitor for charges for services they did not receive.
Read more details here.