Planned Parenthood Data Breach and Lawsuit

Dec. 13, 2021
Planned Parenthood Los Angeles was the victim of a data breach last month and is now facing a lawsuit for failure to safeguard patient data

A Dec. 2 article from CNET by Corinne Reichert reports that Planned Parenthood Los Angeles confirmed that a data breach last month exposed patient records online, including names, dates of birth, addresses, insurance identification numbers, and clinical data like diagnosis, treatment, and prescription information.

Reichert writes that “An unauthorized person accessed the network between Oct. 9 and Oct. 17, installing malware and stealing files. PPLA said it took its systems offline on Oct. 17 when it noticed suspicious activity, notifying law enforcement and engaging a cybersecurity company to investigate. On Nov. 4, the investigation concluded that patient information was taken, and Planned Parenthood LA is now notifying affected patients.”

On Dec.1, The Washington Post reported that 400,000 patients were affected by the breach.

A Dec. 1 article from The Los Angeles Times by Gregory Yee and Christian Martinez said that “Planned Parenthood Los Angeles said in a statement that there is no evidence so far that any patients’ information was used for fraudulent purposes, and it was notifying patients whose information was accessed.”

That said, “When asked for clarification about the Planned Parenthood Los Angeles attack, John Erickson, a spokesman for the healthcare provider, did not specify which type of malware was detected and did not say whether Planned Parenthood paid a ransom.”

“‘We take safeguarding patients’ information extremely seriously, and have taken steps to address this incident,” Erickson said, the article continues. ‘Our focus now is on notifying and supporting those patients whose information was involved in this incident.’”

Planned Parenthood sent letters to the patients affected by the data breach explaining the situation and steps they can take to protect themselves—including reviewing statements from their health insurer and healthcare providers.

On Dec. 9, according to an article from ClassAction.org, Planned Parenthood Los Angeles is now facing a lawsuit alleging that the breach was due to the facility’s failure to secure patient information.

The article states that “According to the suit, Planned Parenthood failed to properly safeguard patient data despite having been hacked in 2015 and 2020. The lawsuit calls this latest incident ‘particularly egregious’ in light of numerous other high-profile cybersecurity attacks and data breaches of late.”

Sponsored Recommendations

Addressing Revenue Leakage in Hospitals

Learn how ReadySet Surgical helps hospitals stop the loss of earned money because of billing inefficiencies, processing and coding of surgical instruments. And helps reduce surgical...

Care Access Made Easy: A Guide to Digital Self Service

Embracing digital transformation in healthcare is crucial, and there is no one-size-fits-all strategy. Consider adopting a crawl, walk, run approach to digital projects, enabling...

Powering a Digital Front Door with a Comprehensive Provider Directory

Learn how Geisinger improved provider data accuracy, SEO, and patient acquisition with a comprehensive provider directory.

Data-driven, physician-focused approach to CDI improvement

Organizational profile Sisters of Charity of Leavenworth (SCL) Health* has been providing care since it originated in the 1600s in France as the Daughters of Charity. These religious...