Planned Parenthood LA Suffers Ransomware Attack Leading to Data Exposure

In a letter to affected patients, PlannedParenthood Los Angeles advised affected patients that it “identified suspicious activity on our computer network. We immediately took our systems offline, notified law enforcement, and a third-party cybersecurity firm was engaged to assist in our investigation. The investigation determined that an unauthorized person gained access to our network between October 9, 2021 and October 17, 2021, and exfiltrated some files from our systems during that time.”


Cyber experts weighed in on the news.

Josh Brewton, vCISO, Cyvatar


"Planned Parenthood is an institution that sparks a lot of emotions on each side of the aisle. With this emotion comes personal and political investments. This investment from all sides paints a giant target on the organization's back. It is a prime opportunity for those seeking to further their political parties' agenda, sow seeds of mistrust in the ranks of supporters, and discredit the integrity and safety of the clinics.

If the organization cannot secure its most precious data (patient information), how can individuals trust medical services received will be kept between them and the medical professionals? This is precisely why medical facilities are held to a high standard of information security (HIPAA). Suppose the Planned Parenthood of Los Angeles is shown to have been negligent in its application of the required HIPAA security and privacy rules. In that case, they may be liable for civil and possible criminal charges.

Just because an organization is compliant with their sector's mandatory law/standard(HIPAA/NIST/CMMC/etc.) does not mean that they are secure. Having the right people, process, and technology in place while utilizing these frameworks will ensure that you have done your due diligence in providing a safe place for business, client, and other sensitive information.”


Gary Ogasawara, CTO, Cloudian

"As ransomware attack strategies become increasingly sophisticated and often result in data theft and exploitation, businesses must shore up their defenses, particularly for sensitive data. A recent survey of those that experienced an attack found that 49% had perimeter defenses in place at the time of the attack, but ransomware still penetrated. This means organizations need to move beyond such traditional defenses to protect their data.

When it comes to sensitive data in particular, encrypting data both in flight and at rest is essential to keep cybercriminals from reading it or making it public in any intelligible form. In addition, and most importantly, organizations should have an immutable (unchangeable) backup copy of their data which prevents such criminals from altering or deleting that data and ensures the ability to recover the uninfected backup copy in the event of an attack, without paying ransom."


###