Pierluigi Paganini February 01, 2025

The New York Blood Center faced a ransomware attack on Sunday, forcing the healthcare organization to reschedule appointments.

The New York Blood Center suffered a ransomware attack on Sunday, causing appointment rescheduling.

The New York Blood Center (NYBC) is a community, nonprofit blood bank based in New York City. The community was established in 1964 by Dr. Aaron Kellner, NYBC supplies blood to approximately 200 hospitals in the Northeast United States. NYBC and its operating divisions also provide transfusion-related medical services to over 500 hospitals nationally.

NYBC and its divisions collect 4,000 blood units daily, serving over 75 million people across the Tri-State, Mid-Atlantic, Midwest, and New England regions.

The organization began investigating suspicious activity on its infrastructure in January 26 with the help of external cybersecurity experts, but discovered the ransomware attack on January 29. NYBC also notified law enforcement. No ransomware group has claimed responsibility for the attack.

“On Sunday, January 26, New York Blood Center Enterprises and its operating divisions identified suspicious activity affecting our IT systems. We immediately engaged third-party cybersecurity experts to investigate. This investigation has confirmed that the suspicious activity is a result of a ransomware incident.” reads the statement published by the company. “We took immediate steps to help contain the threat, including taking certain systems offline. We are working diligently with these experts to restore our systems as quickly and as safely as possible.”

The company took immediate steps to mitigate and contain the attack, its experts are working to restore the impacted systems. At this time, it is unclear if threat actors stole sensitive data from the blood center.

NYBC does not have a set timeline for system restoration but is working with experts to restore operations safely. NYBC still accepts blood donations, though processing times may be longer. The organization is communicating updates with donor centers, sponsors, and donors.

On January 22, NYBC declared a blood emergency due to a sharp donation decline from spring breaks and travel. All blood types are low, especially type O. The shortage coincides with rising COVID cases, driven by the Omicron subvariant BA.2.12.1 in New York.

In July 2024, OneBlood, a non-profit blood bank serving over 300 U.S. hospitals, suffered a ransomware attack that disrupted its medical operations.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Blood Center)