OneBlood, a nonprofit blood donation organization based in Florida, suffered a ransomware attack that is impacting its capacity to supply blood to hospitals. OneBlood provides blood to about 250 hospitals located in Alabama, Georgia, North and South Carolina, and Florida. OneBlood reported on July 31, 2024 that a ransomware attack impacted its software program. The organization is still collecting, testing, and distributing blood. However, it is relying on manual steps and procedures, which are more time-consuming, so operations are substantially less efficient.
Because of the restricted operational efficiency, OneBlood advised all hospitals it serves to follow their critical blood shortage plans and to stay in that state until the ransomware attack is resolved. AdventHealth in Florida was impacted by the ransomware attack and implemented its blood conservation plan. To help avoid a critical blood shortage, the national blood community is sending blood and platelets to the hospitals and patients OneBlood serves.
According to OneBlood, it needs all blood types, but O-negative and O-positive blood and platelet donations are urgently needed. Donors throughout the country are encouraged to donate blood immediately. The AABB Disaster Task Force is coordinating national resources to send more blood to OneBlood.
OneBlood and cybersecurity experts are investigating to determine the extent of the cyberattack. At this point in the investigation, no information is available concerning the extent of the cyberattack or whether the attackers stole any donor information. More details will be published as the investigation moves along. If donor data is compromised, OneBlood will issue notifications to the impacted patients in compliance with the HIPAA Breach Notification Rule at.
A source mentioned that the attack encrypted data on OneBlood's VMware hypervisor infrastructure. OneBlood mentioned that it is working 24/7 to restore its software network. Although the threat actor behind the attack has not made any announcement, it is suspected that the RansomHub group conducted the attack. RansomHub does not hesitate to carry out attacks on healthcare providers. Its recent victims include the Florida Department of Health, the Rite Aid pharmacy chain, the Baim Institute for Clinical Research in Boston, American Clinical Solutions (ACS) in Florida, and NRS Healthcare in the U.K. Although RansomHub did not attack Change Healthcare, it did try to extort the company after getting a copy of the stolen data.
Ransomware attacks on other healthcare organizations have also resulted in blood supply shortages. On June 3, 2024, the Qilin ransomware group attacked Synnovis, a UK-based provider of pathology services to healthcare organizations such as the National Health Service (NHS). The cyberattack caused major disruption to patient services in London, such as blood transfusions. Without the automated processes, the NHS could not operate as usual, and so blood remained in short supply.
The hospitals served by Synnovis were told to use type O blood for critical cases only and to make substitutions where it was safe to do so. Synnovis has stated that it repaired its systems, but its blood transfusion services are likely to face other problems in the summer since a complete restoration is not expected until the start of autumn. One more attack impacted Octapharma Plasma, a U.S.-managed Swiss pharma company. Octapharma manages over 190 donation centers in 35 states. The ransomware attack is considered to have been carried out by the BlackSuit ransomware group and compelled Octapharma Plasma to close its donation centers for a few weeks.