New York Blood Center Enterprises hit by ransomware attack

  • 3 February 2025
New York Blood Center Enterprises hit by ransomware attack
Shutterstock.com
  • Non-profit health system New York Blood Center Enterprises has been hit by a ransomware attack
  • The centre had announced a "blood emergency" a week before the attack
  • There is no timeline for IT systems to be fully restored

A cyber attack has forced a US non-profit blood donor centre to postpone appointments despite declaring blood shortages just one week earlier.Ā 

New York Blood Center Enterprises announced that it had ā€œidentified suspicious activityā€ affecting its IT systems on on 26 January 2025.

In a statement, published on 29 January, it said: ā€œWe immediately engaged third-party cybersecurity experts to investigate and confirmed that the suspicious activity is a result of a ransomware incident.

ā€œWe took immediate steps to help contain the threat and are working diligently with these experts to restore our systems as quickly and as safely as possible. Law enforcement has been notified.ā€

On 1 February and 2 February 17 blood drives were cancelled as a result of the cyber attack.

The centre, which is the largest independent blood supplier in the New York City area,Ā confirmed that although it is still accepting blood donations, ā€œprocessing times may be longer than normalā€.

There is no estimated timetable for fully restoring its operations.

The attack follows a blood emergency announced by the centre on 22 January 2025, which it says was caused by ā€œan alarming drop in donations over the past six weeksā€ owing to spring breaks and holiday travel.

New York Blood Center Enterprises said that all blood types were low and type O was at a one-to-two-day level.

The attack echoes the ransomware attack on NHS pathology provider Synnovis in June 2024, which led to NHS Blood and Transplant urgently calling for donations of O Positive and O Negative blood to boost stocks.

Several US health providers were also targeted by cyber criminals last year, including Kootenai Health in February 2024 and Ascension in May 2024.

Commenting on the latest cyber attack, Dr Darren Williams, chief executive and founder of BlackFog, said: ā€œA devastating blow to the healthcare sector once again and this time, the New York Blood Center takes the hit.

ā€œWith lives depending on timely blood transfusions, disruptions like this put real people at risk, making ransomware attacks on healthcare providers even more insidious.

ā€œThe sector remains the top target for ransomware gangs, as attackers know the value of sensitive medical data, which is often used as leverage for ransom payouts and/or leaked on the dark web.

ā€œIn December 2024 alone, healthcare attacks surged by 13%Ā from the previous month, and the relentless rise shows no sign of stopping.

ā€œUntil healthcare organisations ramp up their defences with stronger anti data exfiltration measures, I expect weā€™ll continue to see cybercriminals exploiting this vital sector, putting both data and lives in jeopardy.ā€

Speaking at NHS Confed in June 2024, Mark Edwards, chief information security officer at Digital Health and Care Wales, predicted that cyber attacks on critical national infrastructure are likely to increase due to global conflict.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

Synnovis staff to strike following ‘alarming impact’ of cyber attack

Synnovis staff to strike following ‘alarming impact’ of cyber attack

Staff working for NHS pathology provider Synnovis have announced plans to strike for five days, following a major cyber attack in June 2024.
Mike Fell: ‘The evidence is that cyber attacks against the NHS have plateaued’

Mike Fell: ‘The evidence is that cyber attacks against the NHS have plateaued’

Ahead of speaking at Rewired 2025, Mike Fell, executive director of national cyber security operations at NHSE, sat down with Digital Health.
Cyber Security Bill will prevent future attacks on NHS, says DSIT

Cyber Security Bill will prevent future attacks on NHS, says DSIT

A Bill intended to improve UK cyber defences will prevent attacks similar to the ransomware attack impacting London hospitals, said the DSIT.

Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.