Data Hacked For 400,000 LA Patients

By ISBuzz Team
Writer, Information Security Buzz | Dec 02, 2021 04:40 am PST

It has been reported that the Los Angeles branch of Planned Parenthood was hit by a data breach involving about 400,000 patients, but there is no indication that the information was used “for fraudulent purposes,” the group said. A hacker installed computer malware between Oct. 9 and Oct. 17 and “exfiltrated” files containing patient names and possibly addresses, insurance and medical information, including procedures they may have undergone, Planned Parenthood Los Angeles warned Tuesday. The attack involved ransomware, software that hackers can use to lock an organisation out of its own computer network until a ransom is paid, but the group didn’t immediately say whether any ransom was paid.

3 Expert Comments
Ilia Kolochenko, Founder and CEO
December 2, 2021 12:43 pm

We should expect even better targeted and perfidious ransomware attacks in the near future. Today, cybercriminals start running marketplaces with stolen data to “punish” stubborn companies who refuse to pay the ransom by naming and shaming. I think we should soon expect that in sensitive cases, like the Planned Parenthood breach, attackers will also contact the victims and try to racket them individually. Payment of ransom, however, does not guarantee that your data will not be leaked or silently re-sold later. Sadly, cyber insurances are now massively trying to deny coverage of ransomware payments even if the contract says otherwise.

Every case of ransom payment should be treated individually, in view of the integrity of circumstances. National legislation needs to be taken into consideration, for example, the FBI is categorically opposed to payment of any ransom, while OFAC made it crystal clear that ransom payments may violate US sanctions. Some cases of cyber racket can be safely ignored, while others may help to better understand the origins of data breaches and possibly identify the intruders. In all cases, victims should never act alone and must talk to an experienced law firm or data breach investigation company.

Sam Curry, Chief Security Officer
December 2, 2021 12:42 pm

With the reported ransomware attack against Planned Parenthood in Los Angeles impacting more than 400,000 patients, now we see the dark heart of the beast. In the cold calculus of who will pay and who won’t, ransomware has reached a new low. The men and women at Planned Parenthood have to make a decision today that no one should ever have to make: pay or don’t pay. Paying ransom demands doesn’t guarantee there won’t be further extortion attempts, but not paying is more than just denying the organisation data. It could publish information of more than 400,000 patients and put their very lives in danger. This is about as clear as it gets: ransomware is a business model but more than that it is a horrific beast that needs to be reined in and criminals brought to justice to face a jury of peers.

Ken Westin, Director, Security Strategy
December 2, 2021 12:41 pm

The reported ransomware attack against Planned Parenthood could escalate to a triple ransom situation, where not only is the data itself held hostage, but also the threat to release to the public, or for cybercriminals to target or blackmail patients themselves. The fact that the compromised data included names, addresses, insurance information, date of birth as well as clinical information including medical procedures and prescriptions for more than 400,000 patients makes it a potential disaster. In this attack, the type of data compromised should have an impact on the severity of punishment, it likely would have little impact, with these ransomware gangs often operating with impunity in Russia and other countries where these attacks are state ignored. Overall, the amount of money ransomware gangs are generating only increases the level of greed and with it their brazenness. As this data can be used for criminal acts beyond a ransomware attack, there may be more repercussions and possibly more help bringing the attackers to justice, depending on where the compromised data is sold or used with malicious intent.
