Overview of the Incident
Laboratory Services Cooperative (LSC), a Seattle-based nonprofit organization pivotal to reproductive health services in over 35 states, reported a severe data breach. This breach compromised sensitive data of approximately 1.6 million people.
Details of the Breach
LSC discovered unauthorized activity within their systems on October 27, 2024. The breach not only penetrated LSC’s defensive networks but eventually led to significant data theft. It primarily targeted individuals associated with select Planned Parenthood centers relying on LSC for lab testing services.
Impact and Types of Data Exposed
The exposed personal information encompasses a range of sensitive details, vital for the privacy and security of the affected individuals:
- Personal identifiers such as full names, Social Security numbers, driver’s licenses or passport numbers, dates of birth, and government-issued IDs.
- Medical information includes service dates, diagnoses, treatments, lab results, and the details of healthcare providers and facilities.
- Insurance details featuring plan types, insurer names, and member or group ID numbers.
- Billing and financial data covering claims, billing information, and bank or payment card details.
Response to the Breach
Immediately upon detection, LSC involved third-party cybersecurity specialists and notified federal law enforcement to probe the incident. The ongoing investigation aims to prevent further data compromise and manage the aftermath efficiently.
Monitoring and Protection Measures
LSC has taken proactive steps by engaging external cybersecurity experts to monitor potential data leaks on the dark web. Although there has been no evidence of such exposure yet, LSC offers free credit monitoring and medical identity protection services to potentially affected individuals.
Important Deadlines and Additional Support
Affected individuals must enroll in the offered protection services by July 14, 2025. For minors without a Social Security number or credit history, LSC has provided a special service termed ‘Minor Defense’ to safeguard their identities.
Historical Context
This incident marks the second time in 2024 that individuals connected to Planned Parenthood through LSC experienced compromised data security, following an earlier RansomHub ransomware attack.
Next Steps for Impacted Users
For further details and FAQs regarding the impact of the breach, affected individuals can visit the LSC Incident Support page or contact LSC directly. Providing vigilant and timely responses will help mitigate the risks associated with this data breach.
Related: Unlock Blazing Speed: Microsoft Edge Now Up to 9% Faster!
Last Updated: April 11, 2025
