OneBlood, a major blood donation nonprofit serving the southeastern United States, has confirmed a significant data breach resulting from a ransomware attack that occurred in July 2024.
The organization, which provides blood to over 250 hospitals across Florida, Georgia, Alabama, and the Carolinas, disclosed that sensitive personal information of donors was compromised during the incident.
The breach, initially detected on July 28, 2024, involved unauthorized access to OneBlood’s network between July 14 and July 29. During this period, attackers copied files and folders containing confidential donor information without authorization.
Following a comprehensive investigation that concluded on December 12, 2024, OneBlood determined that the affected files contained donors’ names and Social Security numbers.
Susan Forbes, Senior Vice President of Corporate Communications and Public Relations at OneBlood, stated, “We take the confidentiality, privacy, and security of information in our care seriously. Our team reacted quickly to assess our systems and began an investigation to confirm the full nature and scope of the event.
Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free
The ransomware attack severely disrupted OneBlood’s operations, forcing the organization to switch to manual processes for blood collection, testing, and distribution.
This significant reduction in capacity led to critical blood shortages, prompting OneBlood to ask partner hospitals to activate their critical blood shortage protocols.
In response to the breach, OneBlood has taken several steps to mitigate the impact and prevent future incidents. The organization has notified federal law enforcement and is working closely with cybersecurity specialists to enhance its security measures.
Additionally, OneBlood is offering affected individuals 12 months of complimentary credit monitoring and identity theft restoration services through TransUnion.
OneBlood urges all affected donors to remain vigilant against potential identity theft and fraud. Donors are advised to review their account statements, monitor their credit reports for suspicious activity, and consider placing credit freezes or fraud alerts on their accounts.
The incident at OneBlood is part of a concerning trend of cyberattacks targeting healthcare organizations and their suppliers. It follows similar attacks on other blood suppliers in recent months, highlighting the urgent need for enhanced cybersecurity measures in the healthcare sector.
Find this News Interesting! Follow us on Google News, LinkedIn, and X to Get Instant Updates!