Planned Parenthood Patients Impacted by Major Data Breach at Lab Partner Featured
Sensitive medical and financial data of 1.6 million Planned Parenthood patients exposed in cyberattack on lab partner.
A data breach affecting Laboratory Services Cooperative (“LSC”), a third-party lab partner for Planned Parenthood, may have exposed the sensitive personal and medical information of 1.6 million individuals across the United States. The incident, confirmed by a recent filing with the Attorney General of Maine, is now the subject of a legal investigation.
About Laboratory Services Cooperative
Founded in 2010, Laboratory Services Cooperative is a nonprofit clinical laboratory headquartered in Seattle, Washington. It was established in partnership with Planned Parenthood of the Great Northwest and provides diagnostic testing and lab services to Planned Parenthood affiliates in 31 states and the District of Columbia.
What Happened?
According to LSC’s public notice, on October 27, 2024, the organization identified unusual activity on its internal network. In response, LSC engaged a team of third-party cybersecurity experts to investigate. The investigation determined that an unauthorized actor gained access to certain parts of the network and acquired files containing sensitive patient and employee data.
By February 2025, LSC confirmed that the compromised files included confidential information tied to patients who had lab tests conducted through Planned Parenthood locations.
On April 10, 2025, LSC began mailing out data breach notification letters to affected individuals.
What Information Was Involved in the Breach?
While the type of data exposed varies by individual, the breach may have involved the following:
- Full name
- Social Security number
- Driver’s license or passport number
- Date of birth
- Medical information (e.g., lab results, diagnoses, treatment details)
- Health insurance provider and policy details
- Financial account and billing information
Some LSC employees and their dependents were also impacted by the breach.
What Is LSC Doing to Protect My Identity?
LSC has set up a dedicated support website at lscincidentsupport.com, where individuals can review affected locations and enroll in 12 to 24 months of free credit and identity monitoring. Victims can also call 855-549-2662 to request an activation code for enrollment.
The deadline to register for these services is July 14, 2025.
What Can Hackers Do With My Information?
Cybercriminals may use this stolen data to commit identity theft, open fraudulent credit accounts, submit false medical claims, or even impersonate victims in phishing scams. Some data may also be sold on the dark web, exposing victims to ongoing risks.
If you received a letter from LSC or believe you received lab services at a Planned Parenthood center in recent years, it is essential to understand what’s at stake and how to protect your legal rights. For more information, please review these recommendations.
Protect Your Identity. Join the LSC / Planned Parenthood Data Breach Investigation.
The legal investigation into this breach is ongoing and focuses on whether LSC took appropriate measures to protect patient information and provide timely notice. Victims may be eligible to join a class action lawsuit to recover compensation for time lost, emotional distress, and out-of-pocket expenses.
If you received a letter from LSC—or believe your information may have been compromised—please complete the form on this page. A data breach attorney will contact you to discuss your options. There is no cost and no obligation to speak with a lawyer.