Hack exposes personal information of 400,000 Planned Parenthood Los Angeles patients

Glass entrance doors to a Planned Parenthood Northern California clinic
The personal information of hundreds of thousands of Planned Parenthood Los Angeles patients was exposed in an October hack, the healthcare provider said. Above, a Planned Parenthood clinic in San Francisco.
(Jeff Chiu / Associated Press)

A hacker accessed the personal information of roughly 400,000 patients of Planned Parenthood Los Angeles in October, the reproductive healthcare provider said Wednesday.

Planned Parenthood Los Angeles said in a statement that there is no evidence so far that any patients’ information was used for fraudulent purposes, and it was notifying patients whose information was accessed.

Staff members first noticed suspicious activity on their computer network Oct. 17, according to the statement. Planned Parenthood Los Angeles took its systems offline, notified law enforcement and retained a third-party cybersecurity firm to help investigate.

The investigation, which is ongoing, has determined that a hacker got access to the healthcare provider’s network between Oct. 9-17, according to the statement, which also said the hacker installed “malware/ransomware” and took some files from the system.

Ransomware is a kind of malware designed to hold a computer or entire network hostage by preventing access to the files until the owner pays the hacker. This year, alleged members of the Russia-linked gang REvil were arrested and charged in connection with a high-profile string of ransomware attacks that led to at least $200 million in ransom payments.


Suspected hackers linked to wave of ransomware attacks arrested as part of global crackdown on cybercrime.

Nov. 8, 2021

When asked for clarification about the Planned Parenthood Los Angeles attack, John Erickson, a spokesman for the healthcare provider, did not specify which type of malware was detected and did not say whether Planned Parenthood paid a ransom.

“We take safeguarding patients’ information extremely seriously, and have taken steps to address this incident,” Erickson said. “Our focus now is on notifying and supporting those patients whose information was involved in this incident.”

Once Planned Parenthood identified the affected files, it began a review to determine whether they contained any patient information, according to the organization’s statement.

On Nov. 4, it identified files that had certain patients’ names as well as one or more of the following: dates of birth, addresses, insurance identification numbers, clinical data, diagnoses, treatments provided and prescription information, according to the statement.

Planned Parenthood Los Angeles has taken steps to enhance security measures and protect patients’ information such as increasing network monitoring, working with an external cybersecurity firm and hiring additional cybersecurity resources and personnel, according to the statement.

“PPLA takes the safeguarding of patients’ information extremely seriously, and deeply regrets that this incident occurred and for any concern this may cause,” the statement said.


Out of caution, Planned Parenthood is sending letters to the affected patients explaining what happened and outlining steps they can take to protect themselves from fraud.

“Patients are encouraged to review statements from their healthcare providers or health insurers and contact them immediately if they see charges for services they did not receive,” the statement said.

The hack was limited to Planned Parenthood Los Angeles and didn’t affect any other affiliates, according to the statement.

The Washington Post first reported the data breach on Wednesday.

A motive for the hack wasn’t known, but Planned Parenthood has been the target of politically motivated cyberattacks in the past.

In 2015, the names and email addresses of more than 300 Planned Parenthood Federation of America employees were published on a private website hosted by a group of hackers, part of an organization called 3301.


Hundreds of names and email addresses of Planned Parenthood Federation of America employees across the nation were leaked after a security breach on Sunday night.

July 28, 2015

The attack came as Planned Parenthood was embroiled in scandal over a series of heavily edited undercover videos, released by an antiabortion group that accused the organization of illegally profiting off selling fetal parts for medical research.

Planned Parenthood condemned the videos as misleading, and investigations in a dozen states found no wrongdoing by the organization.

Planned Parenthood regularly faces pressure from antiabortion groups and politicians. Abortions, however, are not its sole focus.

Its branches offer a variety of services to men and women, including annual exams, birth control, cervical cancer screenings, prenatal care, sexual education, testicular cancer screenings and vasectomies.