Reproductive health nonprofit Planned Parenthood Los Angeles (PPLA) suffered a ransomware attack that exposed the personally identifiable information of hundreds of thousands of patients.
The organization recently notified its patients that a breach was created between October XNUMX and XNUMX, in which a database containing information on four hundred users was stolen. According to the announcement, the company has taken frequent measures to minimize damage.
“On October XNUMX, we identified suspicious activity on our computer network. We immediately took our systems offline, notified the police, and hired a cybersecurity company to help us with our investigation,” PPLA explained.
"The investigation determined that an unauthorized person gained access to our network between October XNUMX, XNUMX and October XNUMX, XNUMX and exfiltrated some files from our systems during that time."
The criminals suppressed the sensitive data of the patients, including addresses, insurance information, birth dates and clinical information, the organization confirmed.
The identity of the ransomware suite responsible for the attack has not been revealed.
Ransomware, data theft, DDoS, threats
Ransomware attacks are typically a multi-step process. Employees are primarily the target of phishing, spear-phishing, or social engineering attacks that, if successful, give attackers corporate network credentials.
Malicious actors often hide on the target internet for weeks, slowly identifying and extracting sensitive data. Only once enough sensitive data has been extracted, criminals embed genuine ransomware and encrypt the data on the target internet.
A ransom is then demanded from the victim, usually in cryptocurrencies, in exchange for the decryption key. As more companies have begun incorporating backups to combat ransomware, criminals are also threatening to publish the data online if their demands are not met quickly.
These threats are frequently associated with Distributed Denial of Service (DDoS) attacks and phony threats.
Through the beep of the computer