Planned Parenthood Los Angeles suffered a ransomware attack that exposed the personal and clinical data of 400,000 patients; according to their notice, there is no evidence of the stolen information being used for fraudulent purposes...

Continue reading
Planned Parenthood Los Angeles (PPLA) **notified** individuals whose data was exposed in the cybersecurity incident in October. They concluded that an attacker infiltrated their network infrastructure between October 9, 2021, and October 17, 2021; during this period, they installed malware/ransomware and stole files from their computers.
PPLA first noticed suspicious activity on their network on October 17th and promptly took their systems offline. Upon informing the law enforcement, they contacted third-party cybersecurity firms to begin the investigation.
On November 4, they determined the type of that was exfiltrated and if it contained any patient data. The following patient data was exposed during the incident,
At the time, there was no evidence that threat actors for any purpose had exploited the stolen data. Individuals affected have been notified through emails, and PPLA encourages patients to review their health insurance statements and contact the necessary authorities if they find any suspicious activity.
John Erickson, PPLA spokesperson, gave a statement to the **Washington Post** saying that personal data medical information of approximately 400,000 patients were exposed from the targeted ransomware attack.
"*In response to this incident, PPLA has taken steps to enhance our existing security measures and to help protect the information in our care, including increasing our network monitoring, engaging an external cybersecurity firm, and hiring additional cybersecurity resources and talent to our team*," explained PPLA in their notice. Although no financial data was stolen, the exposed personal and medical data could be used by attackers for spear-phishing attacks. Affected patients must stay vigilant of any emails or texts that request sensitive information and avoid clicking on attached links.

148 malicious npm packages masquerading as student proxy and school Wi-Fi bypass tools. Rather than compromising developers during installation