A major Planned Parenthood data breach has compromised the sensitive personal and health information of approximately 1.6 million individuals across 30 U.S. states and the District of Columbia.
The breach occurred at Laboratory Services Cooperative, a third-party vendor that processes medical testing for Planned Parenthood locations nationwide. The incident was revealed in an April 10, 2025 court filing with the Maine Attorney General, as reported by Consumer Affairs.
Breach Timeline and Scope
The breach took place in October 2024, according to Laboratory Services Cooperative. While the scope is large, the company noted:
“There’s no evidence so far that personal data from the hack is circulating online.”
Laboratory Services Cooperative serves multiple Planned Parenthood health centers, making the breach wide-reaching in impact.
States Affected by the Breach
Consumer Affairs confirmed that affected data may have originated from Planned Parenthood sites in 30 states, including:
- California
- Colorado
- Illinois
- Ohio
- Texas
- And Washington, D.C.
A full list of impacted locations is available on the official support site, lscincidentsupport.com.
What Data Was Compromised?
Laboratory Services Cooperative stated that the breach exposed the following types of sensitive information:
- Lab test results
- Health insurance details
- Bank account and credit card numbers
- Social Security numbers
- Driver’s license numbers
- Other personal identifiers
This type of data, particularly when linked to health services, presents serious risks of identity theft, fraud, and potential medical privacy violations.
Support for Affected Individuals
Those who believe they may have been impacted are encouraged to visit lscincidentsupport.com. The site provides access to free credit monitoring and health monitoring services as part of the incident response.
This is not the first cybersecurity incident in the U.S. healthcare space this year. It follows recent disclosures from Kaiser Permanente, which announced a data breach affecting 13.4 million customers.
For enterprise organizations, the Planned Parenthood breach is another reminder of the risks that come with third-party service providers managing protected health information and financial data. Cybersecurity protocols across healthcare partnerships remain under close scrutiny.
