Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

A ransomware attack forced New York Blood Center to reschedule appointments

The New York Blood Center faced a ransomware attack on Sunday, forcing the healthcare organization to reschedule appointments. The New York Blood Center suffered a ransomware attack on Sunday, causing appointment rescheduling. The New York Blood Center (NYBC) is a community, nonprofit blood bank based in New York City. The community was established in 1964 […]

Reynolds ransomware uses BYOVD to disable security before encryption ransomware

The New York Blood Center faced a ransomware attack on Sunday, forcing the healthcare organization to reschedule appointments.

The New York Blood Center suffered a ransomware attack on Sunday, causing appointment rescheduling.

The New York Blood Center (NYBC) is a community, nonprofit blood bank based in New York City. The community was established in 1964 by Dr. Aaron Kellner, NYBC supplies blood to approximately 200 hospitals in the Northeast United States. NYBC and its operating divisions also provide transfusion-related medical services to over 500 hospitals nationally.

NYBC and its divisions collect 4,000 blood units daily, serving over 75 million people across the Tri-State, Mid-Atlantic, Midwest, and New England regions.

The organization began investigating suspicious activity on its infrastructure in January 26 with the help of external cybersecurity experts, but discovered the ransomware attack on January 29. NYBC also notified law enforcement. No ransomware group has claimed responsibility for the attack.

“On Sunday, January 26, New York Blood Center Enterprises and its operating divisions identified suspicious activity affecting our IT systems. We immediately engaged third-party cybersecurity experts to investigate. This investigation has confirmed that the suspicious activity is a result of a ransomware incident.” reads the statement published by the company. “We took immediate steps to help contain the threat, including taking certain systems offline. We are working diligently with these experts to restore our systems as quickly and as safely as possible.”

The company took immediate steps to mitigate and contain the attack, its experts are working to restore the impacted systems. At this time, it is unclear if threat actors stole sensitive data from the blood center.

NYBC does not have a set timeline for system restoration but is working with experts to restore operations safely. NYBC still accepts blood donations, though processing times may be longer. The organization is communicating updates with donor centers, sponsors, and donors.

On January 22, NYBC declared a blood emergency due to a sharp donation decline from spring breaks and travel. All blood types are low, especially type O. The shortage coincides with rising COVID cases, driven by the Omicron subvariant BA.2.12.1 in New York.

In July 2024, OneBlood, a non-profit blood bank serving over 300 U.S. hospitals, suffered a ransomware attack that disrupted its medical operations.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Blood Center)