New York Blood Center Enterprises hit by ransomware attack
- 3 February 2025

- Non-profit health system New York Blood Center Enterprises has been hit by a ransomware attack
- The centre had announced a "blood emergency" a week before the attack
- There is no timeline for IT systems to be fully restored
A cyber attack has forced a US non-profit blood donor centre to postpone appointments despite declaring blood shortages just one week earlier.Ā
New York Blood Center Enterprises announced that it had āidentified suspicious activityā affecting its IT systems on on 26 January 2025.
In a statement, published on 29 January, it said: āWe immediately engaged third-party cybersecurity experts to investigate and confirmed that the suspicious activity is a result of a ransomware incident.
āWe took immediate steps to help contain the threat and are working diligently with these experts to restore our systems as quickly and as safely as possible. Law enforcement has been notified.ā
On 1 February and 2 February 17 blood drives were cancelled as a result of the cyber attack.
The centre, which is the largest independent blood supplier in the New York City area,Ā confirmed that although it is still accepting blood donations, āprocessing times may be longer than normalā.
There is no estimated timetable for fully restoring its operations.
The attack follows a blood emergency announced by the centre on 22 January 2025, which it says was caused by āan alarming drop in donations over the past six weeksā owing to spring breaks and holiday travel.
New York Blood Center Enterprises said that all blood types were low and type O was at a one-to-two-day level.
The attack echoes the ransomware attack on NHS pathology provider Synnovis in June 2024, which led to NHS Blood and Transplant urgently calling for donations of O Positive and O Negative blood to boost stocks.
Several US health providers were also targeted by cyber criminals last year, including Kootenai Health in February 2024 and Ascension in May 2024.
Commenting on the latest cyber attack, Dr Darren Williams, chief executive and founder of BlackFog, said: āA devastating blow to the healthcare sector once again and this time, the New York Blood Center takes the hit.
āWith lives depending on timely blood transfusions, disruptions like this put real people at risk, making ransomware attacks on healthcare providers even more insidious.
āThe sector remains the top target for ransomware gangs, as attackers know the value of sensitive medical data, which is often used as leverage for ransom payouts and/or leaked on the dark web.
āIn December 2024 alone, healthcare attacks surged by 13%Ā from the previous month, and the relentless rise shows no sign of stopping.
āUntil healthcare organisations ramp up their defences with stronger anti data exfiltration measures, I expect weāll continue to see cybercriminals exploiting this vital sector, putting both data and lives in jeopardy.ā
Speaking at NHS Confed in June 2024, Mark Edwards, chief information security officer at Digital Health and Care Wales, predicted that cyber attacks on critical national infrastructure are likely to increase due to global conflict.