This Week in Breach News:
Cybercriminals snatched millions from three cryptocurrency platforms, PII and PHI were exposed in major medical clinic snafus and the impact of ransomware on their clients according to MSPs, plus what they expect to see in the ransomware space in 2022.
Planned Parenthood
https://www.washingtonpost.com/nation/2021/12/01/los-angeles-planned-parenthood-hack/
Exploit: Ransomware
Risk to Business: 1.616= Severe
Bad actors gained access to the personal information of an estimated 400,000 patients of Planned Parenthood in Los Angeles this past October in a probable ransomware attack. A spokesperson said that someone gained access to Planned Parenthood Los Angeles' network between October 9 and 17, deployed and exfiltrated an undisclosed number of files. The breach is limited to the Los Angeles affiliate and an investigation is underway.
Risk to Business: 1.703= Severe
PPLA told clients that PII and PHI had been exposed including the patient's name, address, insurance information, date of birth, and clinical information, such as diagnosis, procedure, and/or prescriptions.
Customers Impacted: 400,000
How It Could Affect Your Business: Medical information is valuable, especially sensitive information like this that can be used for both cybercrime and blackmail, and patients expect that healthcare providers will.
