Laboratory Services Cooperative (LSC), a Seattle-based non-profit laboratory testing provider for select Planned Parenthood centers, has disclosed a significant data breach affecting 1.6 million individuals across the United States.
The incident, which was discovered in late October 2024, involved unauthorized access to sensitive health, insurance, and financial data.
The breach was first identified on October 27, 2024, when LSC detected suspicious activity on its network. In response, the organization engaged third-party cybersecurity experts and notified federal law enforcement. A forensic investigation later confirmed that an external attacker had infiltrated the network and exfiltrated data files belonging to LSC.
LSC publicly disclosed the incident on April 10, 2025, and began issuing notifications to affected individuals. According to a regulatory filing with the Maine Attorney General’s Office, the breach impacted 1.6 million people nationwide.
The compromised data varies by individual but may include:
- Names
- Addresses
- Contact information
- Dates of service
- Diagnoses
- Treatment details
- Lab results
- Insurance information
- Payment and banking data
- Social Security numbers
- Government-issued IDs
For affected LSC employees, the breach may also involve information related to dependents or beneficiaries.
Laboratory Services Cooperative operates as a backend diagnostic service provider, handling lab testing for certain Planned Parenthood centers in the U.S. These partnerships began at different times across states, and not all Planned Parenthood centers were impacted. LSC emphasized that only patients who had lab work processed through its systems may be affected, and it has published an online FAQ to clarify which states and centers are potentially involved.
At the time of disclosure, LSC stated that it had not found any evidence that the stolen data was circulating on dark web marketplaces. Nevertheless, the organization is continuing to monitor for signs of misuse with the help of cybersecurity specialists. As a precaution, LSC is offering all affected individuals 12 months of free credit monitoring and medical identity protection through CyEx Medical Shield Complete, including a version tailored for minors.
LSC has set up a dedicated website and toll-free hotline (1-855-549-2662) to assist impacted individuals. Concerned parties are advised to review the resources provided, enroll in identity protection services, and remain vigilant for signs of fraud or medical identity theft.
Affected individuals are recommended to take the following actions:
- Enroll in the free credit and medical identity monitoring services provided by LSC via LSCIncidentSupport.com.
- Monitor bank accounts and credit reports for unauthorized activity.
- Place a fraud alert or security freeze on credit files with major credit bureaus if concerned.
- Watch for suspicious medical bills or insurance claims that could indicate identity misuse.
- Be cautious of phishing emails or phone calls referencing the breach.
Leave a Reply