July 31, 2024 A ransomware attack against the blood-donation nonprofit OneBlood has “significantly reduced” its ability to take, test, and distribute blood, impacting more than 250 hospitals across Florida, Georgia, North Carolina, and South Carolina.

OneBlood disclosed that the intrusion disrupted a “software system,” forcing the organization to resort to manual processes and procedures to maintain operations. Susan Forbes, a OneBlood spokesperson, explained that these manual processes “take significantly longer to perform and impact inventory availability.” As a result, OneBlood has requested hospitals to activate their critical blood shortage protocols and remain in that status for the foreseeable future.

In response, blood centers across the US are sending blood and platelets to OneBlood, with the AABB Disaster Task Force coordinating the national effort. While all blood types are in demand, there is an urgent need for O Positive, O Negative, and platelet donations. Forbes assured that cybersecurity specialists and government agencies are working diligently to restore full functionality to OneBlood’s systems as quickly as possible.

Forbes did not provide specific details on how the intruders gained access to OneBlood’s network, the identity of the attackers, or whether a ransom demand was made. It is also unclear if any sensitive information was stolen. OneBlood collects personal information from donors, including medical history, blood type, test results, and other details, but has not confirmed if this data was compromised.

The ransomware attack on OneBlood mirrors a similar incident involving the Qilin gang’s attack on NHS England pathology services provider Synnovis in June, which led to canceled blood transfusions and surgeries at London hospitals. The US Department of Health and Human Services had previously warned about the Qilin group, attributing at least 15 healthcare sector infections to them since October 2022.

As the investigation continues, OneBlood has promised to provide relevant updates, while emphasizing the critical need for blood donations to manage the ongoing shortage caused by the ransomware attack.