Hackers Just Attacked Planned Parenthood, but the Real War Is So Much Bigger
They wear masks and bulletproof vests, and they change their driving route on their way to the office. They take back entrances, hide their identities and rarely tell people what they do for a living. Not all of them have it this hard, but for people who work for abortion providers and companies like Planned Parenthood, anonymity can be the only thing standing in the way of those who want to stop their work through any means necessary.
On Monday morning, hackers published a list of 333 names and email addresses of people who are allegedly associated with Planned Parenthood. It's the most recent installment in a long history of anti-abortion activism, where doxxing isn't just a tool of shaming and invading privacy but the first step on the road to ruining lives — or ending them.
On Monday afternoon, Planned Parenthood released a statement acknowledging the hack and blaming "extremists" who "have called on the world's most sophisticated hackers to assist them in breaching our systems and threatening the privacy and safety of our staff members."
The inside story of the Planned Parenthood attack: The information was leaked by a small hacking group called 3301, an international group of five hackers and friends with various motives and interests. They say they're affiliated with the notorious Lizard Squad and other hacking groups, and are sympathetic to incarcerated hacker heroes like Rory Guidry, whom they'd like to see set free.
"We have a lot of future targets," Jansson, one of the members of 3301, told Mic. "We're going to be here for a while yet."
"I guess [abortion providers can] just buy a gun," one of the hackers told Mic. "That's what America is good for, right?"
Planned Parenthood is 3301's first publicized target. Two members of the group have strict anti-abortion beliefs, whereas Jansson is just more interested in the challenge of finding vulnerabilities in major systems that claim to be totally secure. Not that Jansson doesn't have his own political beef with America.
"Corruption, racism, the fact they act like [they're] the world police," Jansson told Mic, listing his grievances with the U.S. "Also the fact people think Donald Trump would make a good president is crazy."
Jansson said that the group has information about women who received abortions at Planned Parenthood facilities, as well as the Social Security number of Planned Parenthood's CEO, but they don't plan to release that information — at least not yet. Jansson said he insisted to the team members in charge of leaking info that they only dump the information of workers, not actual abortion-seekers. He trusts that his team won't leak that info.
This hack wasn't a sophisticated work of evil genius. Essentially, the team found out that Planned Parenthood was using an old piece of software — an outdated version of CONCRETE5, Planned Parenthood's content management system — and hit it where it was most dated and vulnerable. The websites of NGOs and municipalities are notoriously easy to exploit.
But even if this is a one-off attack (as opposed to a concerted and consistent effort to take down abortion clinics and family service providers), it's part of a long history of doxxing and exposing abortion providers and their allies. It's a gruesome war as old as the Internet itself.
The Nuremberg Files: In 1997, an anti-abortion extremist named Neal Horsley created a chilling website called the Nuremberg Files. The site contained the names of about 200 working abortion providers with their approximate locations alongside GIFs of dripping blood and encouragements to "SEND US MORE NAMES!"
If one of the providers was injured, his or her font color turned from black to grey. If they were killed, their name was struck through,
like this. The message was clear: This is a scorecard.
"Anti-abortion extremists use online tools just like any other movement does." David S. Cohen, Drexel University professor and co-author of the book Living in the Crosshairs: The Untold Stories of Anti-Abortion Terrorism, told Mic. "Publishing a list like this is just another way for someone out there who wants to do harm — and we know those people exist — to get more information that facilitates their harm."
Jansson said that the group has information about women who received abortions at Planned Parenthood facilities, as well as the Social Security number of Planned Parenthood's CEO, but they don't plan to release that information — at least not yet.
Lists like these can be a jumping-off point for stalking and harassment campaigns against providers, with the eventual goal of driving these services into the ground, either forcibly or through sheer intimidation and existential dread: the thought that any car behind you could be following you home, or that anyone standing near the door of your office might be waiting just for you.
"It scares people from becoming abortion providers, which limits women's access to abortion because it reduces the pool of services," Cohen said.
Horsley died in April at the age of 70, but the site is still online, as chilling as ever. Monday's public list, the one released by 3301, is much longer.
There hasn't been a murder at an abortion provider since 2009 — there have been eight total over the last 25 years — but don't mistake that for a victory in the fight against anti-abortion terror. According to the yearly National Clinic Violence Survey, lighter forms of harassment like blockading and stalking are becoming more common than explicit acts of violence, which are reserved for targeting small groups of vulnerable clinics.
And these less physically dangerous harassment techniques are spreading to more and more clinics. Since 2010, the percent of clinics reporting incidences of harassment has gone from 26.6% to over 51%.
Privacy is essential to the job of abortion providers. Because so many threats face them, many clinic workers take drastic measures to protect their privacy. Anti-abortion extremists cast this as evidence that these providers are ashamed of their work and know what they're doing is wrong, Cohen told Mic, but the fact of the matter is that these measures are necessary self-defense precautions.
Of course, the fall-back defense for anti-abortion protesters — the ones who support doxxing, but don't explicitly call for violence against providers — is that they expose this information for the public good, so you know who these people are. But this, as Cohen put it, is just a way to abdicate responsibility, and not a very clever one. From Slate:
As one abortion provider, whose personal information was recently put on the Internet and whose house was picketed, told us: "They think that if people are identified, if videos are put on YouTube, if they have our license plate and home address, it's just a way of bullying and harassing people." Another provider explained the intimidation involved: "The protesters make the assumption that abortion providers are intimidated when personal information is in the hands of antis. It is never with the intent of 'I know you're an abortion provider,' but more specifically, 'I know who you are and you should be concerned that I know who you are.' "
"These activists, these militant anti-abortion activists, do nothing to improve the health and safety of women," Planned Parenthood president Cecile Richards told CNN after the recent release of an alleged undercover video of Planned Parenthood officials discussing a supposed sale of fetal tissue. "And if they had their way, women could no longer come to Planned Parenthood for birth control services, for breast cancer screenings, for cervical cancer screenings or any other health care."
Planned Parenthood began investigating the alleged hack on Monday morning, working to mitigate possible damage and determine whether or not this is, in fact, a system breach — hackers have invented these lists or compiled them from publicly available info in the past.
Since 2010, the percent of clinics reporting incidences of harassment has gone from 26.6% to over 51%.
"It's unsurprising that those opposed to safe and legal abortion are participating in this campaign of harassment against us and our patients, and claiming to stoop to this new low," Planned Parenthood executive vice president Dawn Laguens told Mic in an email.
As for 3301, Jansson said that they're probably done with Planned Parenthood and will be moving on to new targets soon. And what about people who might be in harm's way because of the sudden exposure of their identities?
"I guess they just buy a gun," Jansson told Mic. "That's what America is good for, right?"