OneBlood confirms personal data stolen in July ransomware attack

Blood-donation not-for-profit OneBlood last week confirmed that a ransomware attack last summer has resulted in donors’ personal information being stolen, including names and SSNs. 

On or around July 28, 2024, OneBlood became aware of suspicious activity within its network. We began an investigation to determine the full nature and scope of the event. Our investigation determined that between July 14 to July 29, 2024, certain files and folders were copied from our network without authorization. We conducted a comprehensive review of the affected files to identify the types of information contained in them and to whom the information relates. On or about December 12, 2024, we completed our review and determined that the affected files contained your information.

What Information Was Involved? The investigation determined that your name and Social Security number were included in the relevant files and folders.

Erich Kron, Security Awareness Advocate at KnowBe4, had this to say:

“Ransomware attacks are pretty much synonymous with data breaches, and this was certainly no exception. Modern ransomware groups put a lot of effort towards stealing data because they know that it can often be used as leverage to force organizations to pay ransoms in exchange for not leaking the data, so when we hear about a ransomware attack taking down systems, we can safely assume most of the time that personal data was stolen as well.”

“The attack on OneBlood is especially frustrating because the organization does have a great mission and does good things to provide blood to those in desperate need. The attack last year impacted a number of clinics and increased the likelihood of human errors when computerized systems were taken offline. For the volunteers that already gave their time and blood to help the cause, the news that their personal information was lost to bad actors is certainly unwelcome.”

“Unfortunately, OneBlood took a long time to determine what data was lost and to inform victims of the breach. When information like this is leaked, it is extremely beneficial for potential victims to be able to take steps to protect their identity from theft and to protect themselves from potential social engineering attacks, and delays such as this can put them at even higher risk of negative consequences.”

“Organizations that collect or store personal and medical information need to ensure the highest standards of protection are met, and that potential victims of data theft are notified quickly and given information they can use to protect themselves from the misuse of their private data. Delays in notification leave victims vulnerable to additional attacks and identity theft.”

Rebecca Moody, Head of Data Research at Comparitech adds the following: 

“According to our data, OneBlood is one of 128 US healthcare providers confirmed to have been hit by a ransomware attack in 2024. These attacks affected nearly 21.8 million records in total and saw an average ransom of just over $1 million.”

“We don’t yet know how many people have been involved in this breach but at least 608 residents in Massachusetts have received notifications. Those impacted should take up OneBlood’s offer of 12 months free credit monitoring and identity theft protection services while also being on high alert for any phishing messages and monitoring accounts for unauthorized activity.”

Besides being yet another health care related hack, this really took way too long to be brought to the attention of victims. That’s not cool and OneBlood really needs to do better.
