Blood donation firm reveals donor personal data stolen in cyberattack
Date:
Tue, 14 Jan 2025 18:03:00 +0000
Description:
OneBlood is offering free identity theft and credit monitoring services.
FULL STORY ======================================================================OneBlood
suffered a cyberattack in July 2024, and has now concluded its investigation The analysis has shown OneBlood lost sensitive information on some customers Names and Social Security numbers among the details taken
OneBlood, a nonprofit medical organization crucial for the operations of healthcare firms across the Southeastern US, has confirmed it lost sensitive donor information in a ransomware attack.
In July 2024, OneBlood suffered an attack causing an IT system outage and resulted in 250 hospitals activating critical blood shortage protocols.
The move disrupted services across multiple US states, with the organization operating at a significantly reduced capacity - meaning whilst OneBlood continued to collect, test, and distribute blood, it had to return to using manual labelling process, which significantly slowed work. The attack also meant surgeries and treatments were impacted across several states as
OneBlood looked to get back up to speed. Names and SSNs
Now, BleepingComputer has published a data breach notification letter that OneBlood allegedly started sending to affected individuals, describing what happened, and what kind of information the attackers compromised.
On or around July 28, 2024, OneBlood became aware of suspicious activity within its network, the letter reads. Our investigation determined that between July 14 to July 29, 2024, certain files and folders were copied from our network without authorization. On or about December 12, 2024, we
completed our review and determined that the affected files contained your information.
The company said the thieves stole peoples names and Social Security numbers (SSN) - but as organizations usually collect a lot more information than this (such as postal addresses, email addresses, phone numbers, demographic data, health information, and more), hackers having stolen only names and SSNs
could be seen as a silver lining.
Still, even this is enough to engage in phishing, identity theft, and other forms of cybercrime. We dont know exactly how many people were affected by
the incident, but it's best to invest in some identity theft protection
tools.
Even though there is no evidence of the data being abused in the wild, OneBlood is providing affected individuals with free credit monitoring services for a year. Users have until April 9 to activate the service, it added, stressing that they should also keep a close eye on their bank statements for suspicious transactions.
Via BleepingComputer You might also like UK Government launches ransomware protection proposals Here's a list of the best antivirus tools on offer These are the best endpoint protection tools right now
======================================================================
Link to news story:
https://www.techradar.com/pro/security/blood-donation-firm-reveals-donor-perso nal-data-stolen-in-cyberattack
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)