OneBlood Ransomware Attack Exposes Donor Data and Disrupts Operations
2025-01-14
Learn about the critical importance of cybersecurity in healthcare and how breaches can severely impact operations and data privacy.
OneBlood, a blood-donation not-for-profit, experienced a ransomware attack in July 2024, resulting in the theft of donors' personal data, specifically names and Social Security numbers. The attack disrupted operations, causing delays in blood collection and distribution. An investigation completed in December 2024 confirmed the breach occurred on July 14, 2024, with threat actors maintaining network access until July 29. OneBlood has since notified affected individuals, offering a year of free credit monitoring and advising on additional protective measures. The total number of impacted individuals remains undisclosed.
Sensitive Data, Malware
OneBlood, Ransomware, Data Breach, Healthcare Cybersecurity, Donor Data, Network Security
N/A
OneBlood
In July 2024, OneBlood, a non-profit organization that supplies blood to over 250 hospitals across the United States, suffered a significant ransomware attack. This attack encrypted the organization's virtual machines, forcing them to revert to manual processes. The disruption led to delays in blood collection, testing, and distribution, prompting some clinics to implement critical blood shortage protocols. The attack had a profound impact on OneBlood's operations. With virtual machines encrypted, the organization faced severe challenges in maintaining its usual service levels. This situation necessitated an urgent call for O Positive, O Negative, and Platelet donations, due to their universal compatibility for urgent transfusions. An investigation into the breach was completed in December 2024. It revealed that the attackers gained access to OneBlood's network on July 14, 2024, and maintained their presence until July 29, just a day after the breach was discovered. During this time, the attackers accessed files containing personal information, specifically names and Social Security numbers of donors. Although OneBlood collects additional data such as phone numbers, email and physical addresses, demographic details, and medical history, only names and Social Security numbers were compromised. Following the completion of the investigation, OneBlood began notifying affected individuals, offering them a free one-year credit monitoring service. The notification included activation codes for this service, which recipients are encouraged to use by April 9, 2025. Additionally, impacted individuals are advised to place credit freezes and fraud alerts on their accounts to safeguard against potential financial damages. While OneBlood fulfilled its commitment to inform affected individuals of the data exposure, the six-month delay left those individuals vulnerable. The organization has not disclosed the total number of individuals impacted by the attack.OneBlood's Ransomware Attack and Data Breach
Impact on Operations
Data Breach Details
Mitigation and Notification
Conclusion