Ransomware Attack Disrupts Blood Donation Services in US

Written by

New York Blood Center Enterprises (NYBCe) has been hit by a ransomware attack, disrupting critical blood donation services across the US.

The collection of independent community-based blood centers revealed in a statement on January 29 that it had taken certain systems offline to contain the threat.

The NYBCe said it first identified suspicious activity affecting its IT systems on January 26. An investigation in coordination with third-party cybersecurity experts confirmed that this activity was a result of a ransomware attack.

The non-profit is now working with experts to restore systems as quickly as possible, although there is currently no timetable for this process to be completed.

Law enforcement has been notified of the incident.

No information has currently been provided about the identity of the perpetrator, or whether any data was accessed.

NYBCe provides blood donations and products to 70 area hospitals and serves over 75 million people across the country. It has centers in locations across the US, including in New York, Nebraska, Delmarva, Kansas and Connecticut.

Blood Donation Services Disrupted

As a result of containment measures, the NYBCe warned that while blood donations are being accepted at its centers, processing times may be longer than normal.

“Donation center activities and blood drives may need to be rescheduled. If we determine any donation appointments need to be rescheduled, we will let our donors know as quickly as possible,” the NYBCe wrote.

Writing on X , New York State Senator Dean Murray told his followers at 10.58am EST on January 29, that due to “computer issues” at the NYBC, a blood drive scheduled at the Lake Grove Community Center on January 30 had been cancelled.

“Anyone who was planning to donate I urge you to consider coming to our next blood drive,” the Senator wrote.

The ransomware attack came just days after one of NYBCe’s divisions, the New York Blood Center, declared a blood emergency on January 21. This was a result of a nearly 30% drop in donations in recent weeks head which had “crippled the region’s blood supply.”

Ransomware Attackers Doubling Down on Healthcare

The new incident highlighted the growing ransomware threat to healthcare, with attackers showing no reticence for targeting critical medical services.

In July 2024, another prominent US blood donation center, OneBlood, was hit by a ransomware attack, significantly reducing its capacity to collect, test and distribute blood to hospitals in Southeastern US.

The largest healthcare data breach on record took place in 2024 as a result of a ransomware attack on US healthcare payment provider Change Healthcare. It has been reported that 190 million US citizens have had their personal information impacted.

The incident heavily disrupted prescription services across the US and resulted in the firm’s parent company, UnitedHealth Group, paying a $22m ransom to the attackers to restore its IT systems.

A January 2025 report by Netwrix found that 84% of healthcare organizations detected a cyber-attack or intrusion in 2024.

What’s hot on Infosecurity Magazine?