Ransomware attack on major US blood center prompts hundreds of hospitals to implement shortage protocols

Avatar

One of the largest blood centers in the U.S. is operating at reduced capacity after ransomware hackers shut down parts of its system. 

Nonprofit OneBlood, which provides blood to healthcare facilities across the southeast, released a statement on Wednesday warning the public that the ransomware attack is impacting their ability to operate.

“We have implemented manual processes and procedures to remain operational. Manual processes take significantly longer to perform and impacts inventory availability,” said Susan Forbes, OneBlood senior vice president of corporate communications.

“In an effort to further manage the blood supply we have asked the more than 250 hospitals we serve to activate their critical blood shortage protocols and to remain in that status for the time being.”

OneBlood said it is now working with cybersecurity specialists alongside federal and state officials to resolve the crisis. The organization provides blood and other healthcare material to hundreds of hospitals across Alabama, South Carolina, Florida, Georgia and North Carolina.

The organization is still operational and has continued to collect, test and distribute blood but is “operating at a significantly reduced capacity.”

The incident has prompted an outpouring of support from other blood organizations and the AABB Disaster Task Force is now organizing efforts to send blood and platelets to OneBlood. There is an urgent need for O positive, O negative and platelet donations, but all blood types are needed. 

Forbes said the company immediately began an investigation to confirm the attack before kicking off efforts to address the incident. 

“Our comprehensive response efforts are ongoing and we are working diligently to restore full functionality to our systems as expeditiously as possible,” Forbes explained. 

“The blood supply cannot be taken for granted. The situation we are dealing with is ongoing. If you are eligible to donate, we urge you to please make an appointment to donate as soon as possible.”

The attack was first reported by CNN, which obtained an advisory sent to the Health Information Sharing and Analysis Center that warned of potential shortages at hospitals in Florida. The organization has had to manually label blood products due to the ransomware attack, CNN reported

The attack comes just one week after a prominent U.K. blood test provider said it has made significant progress in rebuilding substantial parts of its IT infrastructure following a ransomware attack in June

Pathology services provider Synnovis was attacked by the Qilin ransomware gang last month, causing the cancellation of more than 1,000 critical surgeries and forcing England’s National Health Service to issue urgent calls for O-type blood donations. 

The ransomware attack left U.K. national blood stocks “in a very fragile position,” according to a letter sent two weeks ago to National Health Service chief executives.

Ransomware gangs also attacked the national lab service of South Africa, gravely impacting the country’s efforts to deal with several concurrent health crises — mpox, HIV and tuberculosis.

CybercrimeNews
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

New version of sophisticated spyware remained undetected on Google app store for two years

Next Post

Germany summons Chinese ambassador over cyberattack on cartography agency

Related Posts

New “Raptor Train” IoT Botnet Compromises Over 200,000 Devices Worldwide

Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and IoT devices that are likely operated by a Chinese nation-state threat actor called Flax Typhoon (aka Ethereal Panda or RedJuliett). The sophisticated botnet, dubbed Raptor Train by Lumen's Black Lotus Labs, is believed to have been operational since at least May 2020,
Avatar
Read More

Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials

A threat actor known as BrazenBamboo has exploited an unresolved security flaw in Fortinet's FortiClient for Windows to extract VPN credentials as part of a modular framework called DEEPDATA. Volexity, which disclosed the findings Friday, said it identified the zero-day exploitation of the credential disclosure vulnerability in July 2024, describing BrazenBamboo as the developer behind DEEPDATA,
Avatar
Read More