New York Blood Center Enterprises hit by ransomware attack

A cyber attack has forced a US non-profit blood donor centre to postpone appointments despite declaring blood shortages just one week earlier. 

New York Blood Center Enterprises announced that it had “identified suspicious activity” affecting its IT systems on on 26 January 2025.

In a statement, published on 29 January, it said: “We immediately engaged third-party cybersecurity experts to investigate and confirmed that the suspicious activity is a result of a ransomware incident.

“We took immediate steps to help contain the threat and are working diligently with these experts to restore our systems as quickly and as safely as possible. Law enforcement has been notified.”

On 1 February and 2 February 17 blood drives were cancelled as a result of the cyber attack.

The centre, which is the largest independent blood supplier in the New York City area, confirmed that although it is still accepting blood donations, “processing times may be longer than normal”.

There is no estimated timetable for fully restoring its operations.

The attack follows a blood emergency announced by the centre on 22 January 2025, which it says was caused by “an alarming drop in donations over the past six weeks” owing to spring breaks and holiday travel.

New York Blood Center Enterprises said that all blood types were low and type O was at a one-to-two-day level.

The attack echoes the ransomware attack on NHS pathology provider Synnovis in June 2024, which led to NHS Blood and Transplant urgently calling for donations of O Positive and O Negative blood to boost stocks.

Several US health providers were also targeted by cyber criminals last year, including Kootenai Health in February 2024 and Ascension in May 2024.

Commenting on the latest cyber attack, Dr Darren Williams, chief executive and founder of BlackFog, said: “A devastating blow to the healthcare sector once again and this time, the New York Blood Center takes the hit.

“With lives depending on timely blood transfusions, disruptions like this put real people at risk, making ransomware attacks on healthcare providers even more insidious.

“The sector remains the top target for ransomware gangs, as attackers know the value of sensitive medical data, which is often used as leverage for ransom payouts and/or leaked on the dark web.

“In December 2024 alone, healthcare attacks surged by 13% from the previous month, and the relentless rise shows no sign of stopping.

“Until healthcare organisations ramp up their defences with stronger anti data exfiltration measures, I expect we’ll continue to see cybercriminals exploiting this vital sector, putting both data and lives in jeopardy.”

Speaking at NHS Confed in June 2024, Mark Edwards, chief information security officer at Digital Health and Care Wales, predicted that cyber attacks on critical national infrastructure are likely to increase due to global conflict.