OneBlood confirms personal data theft in ransomware attack

OneBlood, a prominent blood-donation not-for-profit serving over 250 hospitals nationwide, has confirmed a significant data breach that exposed donors’ personal information. The organization disclosed that malicious actors compromised its network through a ransomware attack last summer, marking a critical setback in its operations.

The incident first came to public attention on July 31, 2024, when OneBlood revealed that ransomware had infiltrated its systems, leading to the encryption of virtual machines. In response, the healthcare provider was compelled to resort to manual processes, disrupting blood supply collection, testing, and distribution. This disruption triggered ’critical blood shortage’ protocols in several clinics, prompting urgent appeals for O Positive, O Negative, and Platelet donations, crucial for emergency transfusions.

Following extensive investigations, OneBlood determined that the breach occurred on July 14, 2024, with unauthorized access continuing until July 29, 2024—only discovered the day before the breach was fully contained. The compromised files included sensitive data such as names and Social Security numbers (SSNs), posing significant risks for identity theft and financial fraud.

In response to the breach, OneBlood has initiated notifications to affected individuals, notifying them of the potential exposure of their personal information. While the compromised data is limited to names and SSNs, which are difficult to change and highly valuable to cybercriminals, the organization has taken steps to mitigate risks. Affected individuals have been offered activation codes for free one-year credit monitoring services, valid until April 9, 2025, and recommendations to consider credit freezes and fraud alerts on their accounts.