What happened to New York Blood Center Enterprises?

On January 26, 2025, New York Blood Center Enterprises (NYBC) detected suspicious activity within its IT systems, which was confirmed as a ransomware attack. NYBC is one of the largest independent blood centers in the US, supplying over 1 million blood products annually to more than 400 hospitals across 17 states.

How has the ransomware attack affected NYBC's operations?

The attack has resulted in several blood drives being canceled, longer processing times for blood donations, and the implementation of manual workarounds to maintain essential services. Some blood drives and donation center activities are being rescheduled, though NYBC continues to accept blood donations despite the longer processing times.

What actions has NYBC taken in response to the attack?

NYBC has engaged third-party cybersecurity experts to investigate and contain the threat, notified law enforcement, implemented manual workarounds for essential services, and is maintaining direct communication with hospital partners to fulfill orders.

When will NYBC's systems be restored?

NYBC has no specific timetable for system restoration at this time.

Incident

New York Blood Center reports ransomware attack disrupting blood donations

published: Jan. 30, 2025

Learn More

On January 26, 2025, New York Blood Center Enterprises detected suspicious activity within its IT systems, which was confirmed as a ransomware attack. NYBC, one of the largest independent blood centers in the United States, supplies over 1 million blood products annually to more than 400 hospitals and medical facilities across New York, New Jersey, and 15 other states covering a population of over 75 million people.

Several blood drives had to be canceled. The organization engaged third-party cybersecurity experts to investigate and contain the threat and law enforcement has been notified.

The attack occurred five days after NYBC declared a blood emergency due to a 30% drop in donations during the holiday season. Prior to the attack, the organization had reported that types O-negative and B-negative were down to a dangerously low 1-3 day supply.

Due to the incident, processing times for blood donations are longer than normal. NYBC has implemented manual workarounds to maintain essential services and is maintaining direct communication with hospital partners to fulfill orders.

NYBC has not disclosed whether any personally identifiable information or patient data was compromised in the breach.

The organization has no specific timetable for system restoration. Some blood drives and donation center activities are being rescheduled, but NYBC is still accepting blood donations despite longer processing times.

Update - As of 9th of September 2025, NYBC confirmed that the attack caused a data breach. Attackers had maintained unauthorized access to the organization's network for six days and stole personal and medical information from both patients and employees. According to breach notifications, the compromised information includes:

Names
Social Security numbers
Driver's license numbers
Financial account information
Employment-related information
Health information and test results

The total number of affected individuals is not disclosed, but the company told regulators in Texas that 10,557 people from the state were impacted.

As of 18th of September 2025, NYBC confirmed that nearly 194,000 people were affected by the data breach.

New York Blood Center reports ransomware attack disrupting blood donations

Read More
Keytronic reports data breach after ransomware gang leaks …
Philadelphia Mastery School hit by cyber incident
CommuniCare Discloses Data Breach Affecting Nearly 20,000 Patients
Rhysida ransomware gang claims attac on Australian medical …
Warrior Met Coal reports data breach, exposes 20k …