The controversy swirling around the Planned Parenthood organization continues. Last week, ugly video surfaced that showed Planned Parenthood executives discussing the sale of fetus' organs and tissues for research purposes.
Now, we are learning about a cyberattack that may have compromised the nonprofit's databases and employees' personal information. The hack was carried out by a vigilante and politically-motivated group calling itself 3301.
The group claims on its website that it hacked Planned Parenthood in retaliation for the "years and thousands of dollars that Planned Parenthood have wasted and made harvesting your babies." The group also claims that it will release the stolen email addresses of employees as well as documents detailing Planned Parenthood's abortion practices and plans.
It seems 3301 was able to break into Planned Parenthood's servers via a Blind SQL injection attack. An SQL injection attack works against websites that have SQL databases, which is most sites that store user information. Basically, hackers send database command codes to the target site over the Internet, and if the site's database has a flaw in the security that accepts them, the hackers can see all the information in the database.
It's a fairly basic attack, and most sites that store user information test for it regularly. By comparison, 3301 wasn't able to get into Planned Parenthood's Twitter page as many other hacking groups have done to other organizations.
In the meantime, Planned Parenthood, the FBI and the Department of Justice are continuing to investigate. As this was being written, none of Planned Parenthood's internal emails has been released.
Stay tuned to what's Happening Now for the latest on this story as it breaks.