New York Blood Center Enterprises (NYBCe), a nonprofit organization that provides blood donations and products to over 70 hospitals across the United States, has been hit by a ransomware attack, which disrupted its services. The attack was first identified on January 26, 2025, when suspicious activity was detected in the organization’s IT systems. Following the discovery, the NYBCe worked with third-party cybersecurity experts to confirm that a ransomware attack had taken place. As part of their containment efforts, certain systems were taken offline, but the organization has not yet provided a timeline for when full restoration will occur.
The ransomware attack has caused delays in blood processing, as the organization warned that donation centers are still accepting blood, but processing times are longer than normal. Blood drives and donation appointments have been rescheduled in some areas, and NYBCe has promised to inform donors if their appointments need to be changed. The disruption is particularly concerning given the recent blood supply crisis, which led to a blood emergency being declared just days before the attack due to a drop in donations.
The incident highlights the growing trend of ransomware attacks targeting healthcare organizations, particularly those involved in critical services like blood donation. Previous attacks on organizations like OneBlood in 2024 and Change Healthcare, which experienced the largest healthcare data breach on record, emphasize the vulnerability of healthcare systems to cybercrime.
As attackers continue to target healthcare institutions, this raises serious concerns about the long-term impact on the sector’s ability to deliver essential services.
While no specific details have been released about the perpetrators behind the NYBCe attack, law enforcement agencies have been notified, and investigations are ongoing. The incident serves as a reminder of the increasing risk cyberattacks pose to healthcare organizations and the need for stronger cybersecurity measures to protect sensitive systems and data. As the NYBCe works to restore its services, the attack underscores the urgency of addressing cybersecurity vulnerabilities in critical healthcare infrastructure.
Reference: