Laboratory Services Cooperative (LSC), which operates Planned Parenthood clinics, has announced a data breach affecting 1.6 million people. The attackers gained access to medical information, insurance numbers, bank details and Social Security numbers. Although the stolen data has not yet been discovered on the darknet, the incident is particularly sensitive due to the public outcry.
The cyberattack, which was reported on April 11, 2025, was discovered on October 27, 2024, but the LSC investigation was not completed until February. Both patients and laboratory employees were affected, losing access to personal information, medical histories, test results, procedure locations, billing data, insurance information, personal identifiers and beneficiary information.
LSC provides services to a number of Planned Parenthood centers in 30 states and the District of Columbia. Anyone who underwent testing at these facilities or was referred to the lab could potentially have been affected by the leak. The company says it has hired specialized cyber firms to monitor the dark web, but as of April 10, the stolen data had not been found there. Victims are being offered free credit monitoring for one year.
Planned Parenthood stores extremely sensitive medical information, including data on abortions and related procedures. Given the political tension over reproductive rights in the United States, the leak of such data is not only a violation of privacy but also a potential criminal threat. In some states, women have already been arrested and medical facilities have been prosecuted.
In 2024, a series of scandals broke out when conservative organizations used geolocation data from cell phones to track women who visited Planned Parenthood clinics. However, prosecutors in some states have already sought to access medical records of patients who underwent procedures in other states.
110 
123 
85 