OneBlood, a Florida nonprofit blood donation organization reported on July 31, 2024 that it suffered a ransomware attack. The cyberattack resulted in the shutdown of its IT systems. The organization continued to collect, test, and distribute blood, but it had to use manual processes, considerably lessening its productivity. Because of OneBlood’s diminished capability, the hospitals it serves had no choice but to enforce their critical blood shortage procedures. There are approximately 350 hospitals in the Southwestern United States that are served by OneBlood.
OneBlood has already stated that during the attack, the ransomware group extracted files and folders containing the personal data of blood donors, which include their names and Social Security numbers. According to the breach notification letters, OneBlood discovered the ransomware attack on or about July 28, 2024. It stated that the investigation affirmed that the attacker gained access to its IT system between July 14 and July 29, 2024.
OneBlood spent 4.5 months looking into the incident and analyzing the files and directories stored in the breached areas of its system. It also determined the people who were impacted and the types of data exposed. All the processes were completed on December 9, 2024. OneBlood began sending notification letters on or about January 9, 2025, which is 5.5 months after the data theft occurred. The impacted people were provided free identity theft protection and credit monitoring services for one year. Aside from registering for those services, the impacted persons must keep track of their accounts to check for indications of fake transactions as far back as July 14, 2024 when the initial compromise happened.
The exact number of people whose information was stolen during the attack is still unknown. But OneBlood already submitted a breach notification letter to the South Carolina State Attorney General indicating that the data and/or PHI of 1,530 blood donors in Florida were impacted.