Hackers Attack US Blood Bank, More Than 250 Hospitals Asked to Activate Blood Shortage Protocols

The entity is experiencing an ‘urgent need’ for O Negative, O Positive, and Platelet donations.
View of a blood bag at the Red Cross blood bank in Bogota on April 14, 2020. (Juan Barreto/AFP via Getty Images)
Naveen Athrappully

Nonprofit blood bank OneBlood, which serves hundreds of American hospitals based in the Southeast region, has been affected by a ransomware attack that has disrupted its software systems.

While the organization remains operational and is continuing to collect, test, and distribute blood, it is running at a “significantly reduced capacity” following the ransomware attack, the group said in a July 31 statement. As part of mitigating disruptions, the blood bank has implemented “manual processes and procedures to remain operational,” said Susan Forbes, OneBlood senior vice president of corporate communications and public relations. However, “manual processes take significantly longer to perform and impacts inventory availability,” she said.

“In an effort to further manage the blood supply, we have asked the more than 250 hospitals we serve to activate their critical blood shortage protocols and to remain in that status for the time being,” she said.

The firm is analyzing the scope of the event and any impact on data. OneBlood said it currently does not have adequate information as to whether customers’ personal information such as test results, medical history, and blood type have been compromised. No further details about the attack were revealed.

Blood centers nationwide are sending blood and platelets to OneBlood to help augment supply, the group said. The organization said there was an “urgent need” for O Negative, O Positive, and Platelet donations.

OneBlood serves 355 hospitals across Alabama, Florida, North Carolina, South Carolina, and Virginia.

“The blood supply cannot be taken for granted. The situation we are dealing with is ongoing. If you are eligible to donate, we urge you to please make an appointment to donate as soon as possible,” Forbes said.

The ransomware attack on OneBlood is the latest in a series of hacking attempts targeting U.S. health care facilities.

In February, threat actors targeted health insurance company UnitedHealth Group’s Change Healthcare unit. The company determined the attack may have compromised certain personally identifiable information and protected health details.

During a House hearing in May, the company’s CEO said an estimated one-third of Americans could have had their sensitive health information leaked to the dark web. He said the company paid the hackers $22 million in bitcoin as ransom.

A data breach of health care service provider Kaiser Permanente in April is estimated to have affected roughly 13.4 million individuals.

Health Care Sector Cyber Risk

A June report by data security company SecurityScorecard pointed out that 35 percent of third-party data breaches in the United States last year affected health care organizations, “outpacing every other sector.”

“The supplier ecosystem is a highly desirable target for ransomware groups. Attackers can infiltrate hundreds of organizations through a single vulnerability without being detected,” it said.

The company scored the U.S. health care industry “B+” for cybersecurity capabilities for the first half of 2024. While ratings were “better than expected,” the firm noted there was still room for improvement.

Organizations that have a rating of B are 2.9 times more likely to be victims of data breaches than entities with an A rating.

SecurityScorecard found that app security flaws were one of the biggest vulnerabilities among health care organizations. With the Change Healthcare hack costing some companies $1 million a day, executives are placing more stress on cybersecurity measures, the company noted.

On June 10, the Biden administration announced that it had implemented measures to bolster the protection of the country’s health care ecosystem.

The White House convened a meeting of top executives from the health care sectors in May to boost cybersecurity solutions. The same month, the Advanced Research Projects Agency for Health launched a program that will invest more than $50 million to create tools that can be used by IT teams to better defend hospital networks.

Cyberattacks against the U.S. health care system jumped by 128 percent between 2022 and 2023, according to the White House. These incidents can be especially disruptive to hospitals in the rural regions that service 60 million Americans.

“Most rural hospitals are critical access hospitals, meaning they are located more than 35 miles from another hospital, which makes diversions of patients and staffing-intensive manual workarounds in response to attacks more difficult,” the White House said, adding that it has “received commitments from leading U.S. technology providers to provide free and low-cost resources for all 1,800–2,100 rural hospitals across the nation.”