Key Takeaways
- A ransomware attack has led the New York Blood Center Enterprises to cancel multiple blood drives, impacting their operations.
- The center had recently declared a blood emergency due to low donations, particularly of type O blood.
- Experts are warning that healthcare organizations remain prime targets for cybercriminals, potentially jeopardizing patient safety and sensitive data.
Cyber Attack Disrupts Blood Donation Services
The New York Blood Center Enterprises has experienced a cyber attack that has resulted in the postponement of blood donation appointments, despite the organization declaring a blood shortage just a week prior. On January 26, 2025, the center reported suspicious activity affecting its IT systems. A formal announcement on January 29 revealed that the investigation confirmed a ransomware incident.
In response, the blood center engaged third-party cybersecurity experts to contain the threat and work on restoring operations. Law enforcement has also been notified of the breach. Unfortunately, the repercussions of the attack led to the cancellation of 17 blood drives on February 1 and 2. While the center is still accepting blood donations, it warned that processing times may be longer than normal. There is currently no timeline available for when full operations will be restored.
The cyber incident occurs shortly after the center highlighted a blood supply crisis on January 22, attributing it to a significant decline in donations over the prior six weeks, a trend influenced by spring breaks and holiday travel. At that time, they reported that all blood types were critically low, with type O having only a one-to-two-day supply.
This attack echoes a previous ransomware incident affecting NHS pathology provider Synnovis in June 2024, which prompted urgent appeals for O Positive and O Negative donations. Throughout the previous year, numerous US healthcare providers faced similar cyber-related issues, including Kootenai Health and Ascension.
Dr. Darren Williams, CEO and founder of BlackFog, commented on the rising threat cyber attacks pose to the healthcare sector, emphasizing that these disruptions put lives at risk, especially when timely blood transfusions are essential. As attackers recognize the value of sensitive medical data, healthcare organizations have become prime targets for ransomware gangs. The sector is witnessing an alarming rise in cyber incidents; attacks surged by 13% in December 2024 compared to the previous month.
Mark Edwards, Chief Information Security Officer at Digital Health and Care Wales, remarked at a conference in June 2024 that increased global conflict could lead to more cyber attacks on critical national infrastructure, further escalating the situation.
These developments underline the urgent need for healthcare organizations to strengthen their defenses against cyber threats, as failure to do so poses significant risks to both patient safety and data integrity.
The content above is a summary. For more details, see the source article.
