New York Blood Center Enterprises (NYBCe) recently identified a ransomware attack affecting its IT systems. The organization has engaged third-party cybersecurity experts to contain the threat and restore services.
On January 26, NYBCe and its divisions detected suspicious activity in their IT systems. After an investigation, cybersecurity experts confirmed it was a ransomware incident. In response, NYBCe isolated affected systems and initiated restoration efforts while notifying law enforcement.
Despite the attack, NYBCe continues operations, with some delays in blood processing times. The organization is working closely with hospital partners and implementing workarounds to fulfill critical orders.
The recent NYBCe cybersecurity incident update states, “We remain incredibly grateful for the generous response of our greater blood community – including our hospital partners, hospital associations, blood centers across the country, the AABB Interorganizational Task Force, and our donors – who have all come together to help advance our shared mission.”
Blood centers supply hospitals with life-saving blood and platelets for surgeries, trauma care, and medical treatments. Therefore, when these centers suffer ransomware attacks, they disrupt critical services and impact patient care.
More specifically, these disruptions can slow down processing, tracking, and distribution, potentially delaying urgent medical procedures.
Although the NYBCe is responding to the incident, a full system restoration may take time. Blood donors are encouraged to continue their contributions, as the need for donations remains urgent.
Ransomware is malicious software that encrypts a victim's data, with attackers demanding payment to restore access or prevent data leaks.
A breach occurs when an unauthorized party gains access, uses or discloses protected health information (PHI) without permission. Breaches include hacking, losing a device containing PHI, or sharing information with unauthorized individuals.
See also: How to respond to a data breach
If individuals suspect their data has been compromised, they must monitor their accounts for suspicious activity and report any unauthorized transactions immediately.