A nonprofit blood donation center that serves more than 250 hospitals in the southeastern United States was hit with a cyberattack that left computers disabled and disrupted services.
The Florida-based OneBlood, which also offers services in Georgia and the Carolinas, said Wednesday it was experiencing a “ransomware event” on its software systems. Ransomware attacks are a type of cyberattack in which hackers use malware to encrypt data or software systems and demand a ransom be paid in exchange for restored access.
OneBlood senior vice president Susan Forbes said the company has been able to remain operational for the time being, but has been forced to implement a manual process that takes “significantly longer” and negatively impacts inventory availability.
RELATED STORY | Hackers in Change Healthcare attack receive $22M in alleged ransom
“OneBlood takes the security of our network extremely seriously,” Forbes said in a statement. “Our team reacted quickly to assess our systems and began an investigation to confirm the full nature and scope of the event. Our comprehensive response efforts are ongoing and we are working diligently to restore full functionality to our systems as expeditiously as possible.”
In the meantime, OneBlood said it is in “urgent need” for O positive, O negative and platelet donations, but donors of all blood types are helpful.
“The blood supply cannot be taken for granted,” Forbes said. “The situation we are dealing with is ongoing. If you are eligible to donate, we urge you to please make an appointment to donate as soon as possible.”
RELATED STORY | The risk of cyberattacks on hospitals is growing, experts say
Experts say the number of attacks against hospitals and health systems is climbing year over year, as is the dollar cost to ransom critical infrastructure back from criminals that hold it hostage. In 2023, the average cost for a ransomware attack was $1.5 million, up from $5,000 in 2018.
As hospitals increase their dependence on online tools for operations and patient records, the risk from cyberattacks and ransomware are expected to grow. Recovering from an attack can also take time and money, sometimes requiring months of rebuilding systems.