Planned Parenthood patient records leaked in data breach

An attacker steals information including names, dates of birth, addresses and clinical data.

Corinne Reichert
Corinne Reichert Senior Writer
Corinne Reichert (she/her) grew up in Sydney, Australia and moved to California in 2019. She holds degrees in law and communications, and currently oversees the CNET breaking news desk for the West Coast. Corinne covers everything from phones, social media and security to movies, politics, 5G and pop culture. In her spare time, she watches soccer games, F1 races and Disney movies.
Expertise News

Planned Parenthood Los Angeles says information was stolen in a cyberattack.

Planned Parenthood

Planned Parenthood Los Angeles has confirmed that a data breach last month exposed patient records online, including names, dates of birth, addresses, insurance identification numbers and clinical data like diagnosis, treatment and prescription information.

An unauthorized person accessed the network between Oct. 9 and Oct. 17, installing malware and stealing files. PPLA said it took its systems offline on Oct. 17 when it noticed suspicious activity, notifying law enforcement and engaging a cybersecurity company to investigate. On Nov. 4, the investigation concluded that patient information was taken, and Planned Parenthood LA is now notifying affected patients.

According to a Wednesday report in The Washington Post, the data breach affected around 400,000 patients.

"PPLA is mailing notification letters to patients whose information was contained in documents that were exfiltrated from our systems," the organization said. "We also encourage patients to review statements from their healthcare providers or health insurers and contact them immediately if they see charges for services they did not receive."

PPLA says it has increased network monitoring since and hired more cybersecurity staff members.