A ransomware group has attacked another U.S. blood donation organization. New York Blood Center Enterprises (NYBCe) is one of the largest community-based, non-profit blood collection and distribution organizations in the United States. NYBCe operates 19 donor centers in New York and New Jersey and provides blood and stem cell products to around 70 hospitals in the area. Through its operating divisions in Connecticut, Delaware, Kansas, Minnesota, Missouri, Nebraska, Rhode Island, and Wisconsin, transfusion-related services are provided to more than 500 hospitals nationwide serving around 75 million people.On Sunday, January 26, 2025, suspicious activity was identified in its IT systems. Third-party cybersecurity experts were engaged to investigate, and it was confirmed that the suspicious activity was due to a ransomware attack. Steps were taken to contain the threat and eject the threat actor from its network and work is underway to restore its systems as quickly and safely as possible. Law enforcement has been notified, workarounds are being implemented to restore its services and fulfill orders, and NYBCe has been in regular communication with its hospital partners and is working on minimizing disruption to blood supplies.At this stage, NYBCe is unable to provide a timeline for when its systems will be restored. While the incident has affected the functionality of its IT systems, all blood donor centers remain operational and its community blood drives are continuing with donations being accepted; however, the IT issues caused by the ransomware attack mean processing times are likely to be longer than normal at its donation centers and blood drives and some donation center activities and blood drives may need to be rescheduled. The attack could not have come at a worse time. On January 21, 2025, just a few days before the attack, NYBCe declared a blood emergency due to a 30% reduction in blood donations in recent weeks that has caused a blood shortage in the region. Some blood drives have had to be canceled as a result of the attack.It is currently unclear which ransomware group is behind the attack and whether donor information was stolen. NYBCe has been providing updates on its website and will issue notifications to any affected individuals if it is confirmed that personal information has been stolen. Ransomware attacks on blood collection and distribution organizations can cause serious disruption to blood supplies. A July 2024 ransomware attack on the Florida-based blood organization, [OneBlood](https://www.hipaajournal.com/oneblood-ransomware-attack/), disrupted blood supplies to the 350 hospitals it serves in Alabama, Florida, Georgia, and North and South Carolina, forcing them to implement their critical blood shortage protocols.A ransomware attack on a [pathology service provider](https://www.hipaajournal.com/care-disrupted-at-london-hospitals-due-to-ransomware-attack-on-pathology-vendor/) to the UK’s NHS in June 2024 caused major disruption to blood transfusions in London and prolonged blood shortages due to the significant reduction in capacity. A ransomware attack on the Swiss pharma firm [OctaPharma](https://www.hipaajournal.com/octapharma-ransomware-attack/) in April 2024 resulted in the closure of all blood plasma donation centers in the United States for several weeks.The post [New York Blood Center Enterprises Grappling with Ransomware Attack](https://www.hipaajournal.com/new-york-blood-center-enterprises-ransomware/) appeared first on [The HIPAA Journal](https://www.hipaajournal.com).
Related Tags:
NAICS: 62 – Health Care And Social Assistance
NAICS: 623 – Nursing And Residential Care Facilities
NAICS: 92 – Public Administration
Blog: Hipaa Journal
Data Encrypted for Impact
Associated Indicators: