Hackers Attack US Blood Bank, More Than 250 Hospitals Asked To Activate Blood Shortage Protocols
Authored by Naveen Athrappully via The Epoch Times,
Nonprofit blood bank OneBlood, which serves hundreds of American hospitals based in the Southeast region, has been affected by a ransomware attack that has disrupted its software systems.
While the organization remains operational and is continuing to collect, test, and distribute blood, it is running at a “significantly reduced capacity” following the ransomware attack, the group said in a July 31 statement. As part of mitigating disruptions, the blood bank has implemented “manual processes and procedures to remain operational,” said Susan Forbes, OneBlood senior vice president of corporate communications and public relations. However, “manual processes take significantly longer to perform and impacts inventory availability,” she said.
“In an effort to further manage the blood supply, we have asked the more than 250 hospitals we serve to activate their critical blood shortage protocols and to remain in that status for the time being,” she said.
The firm is analyzing the scope of the event and any impact on data. OneBlood said it currently does not have adequate information as to whether customers’ personal information such as test results, medical history, and blood type have been compromised. No further details about the attack were revealed.
Blood centers nationwide are sending blood and platelets to OneBlood to help augment supply, the group said. The organization said there was an “urgent need” for O Negative, O Positive, and Platelet donations.
OneBlood serves 355 hospitals across Alabama, Florida, North Carolina, South Carolina, and Virginia.
“The blood supply cannot be taken for granted. The situation we are dealing with is ongoing. If you are eligible to donate, we urge you to please make an appointment to donate as soon as possible,” Forbes said.
The ransomware attack on OneBlood is the latest in a series of hacking attempts targeting U.S. health care facilities.
In February, threat actors targeted health insurance company UnitedHealth Group’s Change Healthcare unit. The company determined the attack may have compromised certain personal identifiable information and protected health details.
During a House hearing in May, the company’s CEO said an estimated one-third of Americans could have had their sensitive health information leaked to the dark web. He said the company paid the hackers $22 million in bitcoin as ransom.
A data breach of health care service provider Kaiser Permanente in April is estimated to have affected roughly 13.4 million individuals.
Health Care Sector Cyber Risk
A June report by data security company SecurityScorecard pointed out that 35 percent of third-party data breaches in the United States last year affected health care organizations, “outpacing every other sector.”
“The supplier ecosystem is a highly desirable target for ransomware groups. Attackers can infiltrate hundreds of organizations through a single vulnerability without being detected,” it said.
The company scored the U.S. health care industry “B+” for cybersecurity capabilities for the first half of 2024. While ratings were “better than expected,” the firm noted there was still room for improvement.
Organizations that have a rating of B are 2.9 times more likely to be victims of data breaches than entities with an A rating.
SecurityScorecard found that app security flaws were one of the biggest vulnerabilities among health care organizations. With the Change Healthcare hack costing some companies $1 million a day, executives are placing more stress on cybersecurity measures, the company noted.
On June 10, the Biden administration announced that it had implemented measures to bolster the protection of the country’s health care ecosystem.
The White House convened a meeting of top executives from the health care sectors in May to boost cybersecurity solutions. The same month, the Advanced Research Projects Agency for Health launched a program that will invest more than $50 million to create tools that can be used by IT teams to better defend hospital networks.
Cyberattacks against the U.S. health care system jumped by 128 percent between 2022 and 2023, according to the White House. These incidents can be especially disruptive to hospitals in the rural regions that service 60 million Americans.
“Most rural hospitals are critical access hospitals, meaning they are located more than 35 miles from another hospital, which makes diversions of patients and staffing-intensive manual workarounds in response to attacks more difficult,” The White House said, adding that it has “received commitments from leading U.S. technology providers to provide free and low-cost resources for all 1,800–2,100 rural hospitals across the nation.”
Tyler Durden
Thu, 08/01/2024 – 19:25
via ZeroHedge News https://ift.tt/sTpgvrx Tyler Durden