Non-profit ONEBLOOD, which supplies donated blood to more than 250 hospitals in the United States, faced a challenging situation when hackers targeted its computer system with the Mounting Program. This attack significantly hampered Oneblood’s ability to collect, analyze, and distribute materials.
Oneblood’s representative, Susan Forbes, stated that the attack breached the organization’s software, forcing Oneblood to resort to manual process management to continue its operations. Oneblood caters to medical institutions in Florida, Georgia, North Carolina, and South Carolina.
To address the issue, blood centers across the country stepped in to provide blood and platelets to Oneblood. The AABB emergency worker coordinated these efforts. Oneblood highlighted the urgent need for donors with blood groups O positive and negative, as well as platelet donors.
Currently, the organization is collaborating with cybersecurity experts and state departments to mitigate the attack’s aftermath. Forbes assured that specialists are working tirelessly to restore the systems’ full functionality promptly.
The perpetrators behind the attack, the extent of potential data breach, and whether ransom demands were made remain unknown. Oneblood stores various donor information, such as medical histories, blood types, and test results. The organization stated on its website that there is no current information on potential personal data leaks.
While no entity has claimed responsibility for the attack, it bears resemblance to a recent incident involving QILIN, which targeted Synnovis, a laboratory service provider for NHS England in June. This resulted in the suspension of blood transfusions and surgeries at hospitals in London.
In the same month, the US Department of Health issued a warning about the QILIN group, linked to at least 15 attacks on healthcare institutions since October 2022. Approximately half of these incidents targeted organizations in the United States, including Florida and Georgia – the states served by Oneblood.