New York Blood Center hit by ransomware, blood services disrupted

NEW YORK, UNITED STATES — The New York Blood Center (NYBC), one of the largest nonprofit blood centers in the United States, confirmed on January 26, 2025, that it had fallen victim to a ransomware attack. 

The organization, which supplies blood to over 500 U.S. hospitals, detected suspicious activity on its IT systems and immediately engaged third-party cybersecurity experts to investigate.

In a statement, NYBC said it took swift measures to contain the threat by taking critical systems offline and notifying law enforcement. 

“We are working diligently with these experts to restore our systems as quickly and as safely as possible,” the organization emphasized.

Severe impact on blood donation services

The attack has caused significant disruptions to NYBC’s operations, including donation center activities and blood drives. Processing times for blood donations have been delayed, and some events have been canceled or rescheduled. 

This comes at a critical time when NYBC had already declared a “blood emergency” due to a 30% drop in donations earlier in January, leaving certain blood types at dangerously low levels.

NYBC serves more than 75 million people across the country and provides transfusion-related services to hospitals in the Northeast. The cyberattack has further strained its ability to meet hospital demands, prompting urgent calls for donors to step forward.

Recovery efforts show progress

As of February 3, 2025, NYBC announced that all blood collection activities had resumed across its divisions, including donor centers and community blood drives. However, some manual processes remain in place, potentially causing delays in service. The organization has urged eligible donors to contribute immediately to help stabilize the blood supply during this challenging period.

“We deeply appreciate your patience and support,” NYBC stated in an update. “Sustained donor support is essential in the days and weeks ahead as we recover from this incident.”

Unknown attackers and potential data breach

The identity of the attackers remains unknown, with no ransomware group claiming responsibility for the breach so far. It is also unclear whether sensitive patient or donor data was accessed or if a ransom demand was made. 

NYBC has pledged transparency and promised to notify individuals if any data compromise is confirmed.

Growing cybersecurity threats in healthcare

This attack highlights the increasing vulnerability of healthcare organizations to ransomware incidents. Experts warn that such disruptions can have life-threatening consequences when they impact critical services like blood collection and distribution. 

Cybersecurity professionals are calling for stronger defenses across healthcare systems to prevent similar incidents in the future.