Cyber Incident Victim: New York Blood Center Enterprises
Date:
Jan 2025
Location:
United States of America
Summary
New York Blood Center Enterprises experienced a ransomware incident that disrupted IT systems across all operating divisions, prompting immediate containment measures including system takedowns and engagement of cybersecurity experts. The attack initially forced cancellations of blood collection activities and donor appointments, though collection services fully resumed shortly afterward with manual workarounds causing operational delays, while distribution recovery progressed toward near-normal capacity with residual phone service disruptions at specific regional divisions. Critical medical services including pharmacy operations, clinical apheresis, clotting factor distribution, and cryopreservation remained functional throughout the incident, supported by alternative communication channels and sustained community blood donations to stabilize supply chains.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 26, 2025, New York Blood Center Enterprises (NYBCe) and its operating divisions identified suspicious activity affecting their IT systems. The organization immediately engaged third-party cybersecurity experts to investigate the incident, which was subsequently confirmed as a ransomware attack. NYBCe took containment measures, including taking certain systems offline, and notified law enforcement. The ransomware incident impacted all NYBCe operating divisions, disrupting blood collection activities, donor center operations, and community blood drives. This forced the cancellation or rescheduling of donor appointments and blood drives during the initial response phase. While core clinical services like Patient Apheresis Therapy (PAT), Clinical Apheresis, pharmacy operations, clotting factor concentrate distribution, and cryopreservation remained functional, broader operational disruptions occurred. NYBCe implemented manual workarounds to maintain essential services and communicated directly with hospital partners to manage order fulfillment amid system outages.
By February 3, 2025, NYBCe resumed all blood collection activities across donor centers and community blood drives, while working to reschedule previously canceled appointments. Distribution operations showed significant progress toward normalization, though manual processes caused longer wait times. Inbound calling remained disrupted at Memorial Blood Centers and Nebraska Community Blood Bank, requiring alternative contact methods via online inquiry forms. The organization acknowledged sustained donor support as critical for recovery, noting that external blood centers and partners provided thousands of units to stabilize supply during the outage. No data theft or patient safety compromises were disclosed in available updates. NYBCe continued restoration efforts with third-party experts, emphasizing operational recovery over attributing the ransomware's origin or detailing technical containment methods. Blood collection and distribution systems were prioritized for restoration, with no specified timeline for full system recovery beyond incremental progress reported as of February 5, 2025.