Planned Parenthood investigates breach amid claims its systems were accessed
Planned Parenthood is investigating possible unauthorized access to its systems following reports that attackers released website databases on Sunday night that included employee names and email addresses.
“We've seen the claims around attempts to access our systems,” Tom Subak, chief information officer with Planned Parenthood, said in a statement emailed to SCMagazine.com on Monday. “We take security very seriously and are investigating. Once we have investigated, we may make future statements.”
On Monday, citing correspondence with one of the alleged attackers, The Daily Dot reported that the attack was politically motivated, that a Blind SQL injection attack was used, and that the group next plans to decrypt and release internal emails.
According to the report, the attackers said they were unable to deface the Planned Parenthood website – or have it redirect to their Twitter page – because the site's “backend is so terribly configured.”
UPDATE: In a follow-up statement emailed to SCMagazine.com on Monday, Dawn Laguens, executive VP of Planned Parenthood, said, “Today Planned Parenthood has notified the Department of Justice and separately the FBI that extremists who oppose Planned Parenthood's mission and services have launched an attack on our information systems, and have called on the world's most sophisticated hackers to assist them in breaching our systems and threatening the privacy and safety of our staff members. We are working with top leaders in this field to manage these attacks. We treat matters of safety and security with the utmost importance, and are taking every measure possible to mitigate these criminal efforts to undermine our mission and services.”