{“lastseen”:”2025-09-10T14:07:51″,”description”:”A blood center has begun sending data breach notifications to its users after suffering a ransomware attack and theft of personal data.\\n\\nThe New York Blood Center\u2019s (NYBC) suffered the ransomware attack in January, in which an unauthorized party gained access to its network and acquired copies of a subset of files. The security incident was first noticed on January 26, 2025, but this week NYBC has started notifying victims.\\n\\nNYBC publicly acknowledged the scale but has not issued a precise number of affected people due to ongoing investigations and limitations in contact information for all service recipients. Based on documents that NYBC submitted to regulators in several states, hackers could have stolen information belonging to at least tens of thousands of people.\\n\\nNYBC ranks among the largest independent community-based blood collection organizations in the US. It serves over 75 million people across more than 17 states and delivers about one million lifesaving blood products annually.\\n\\nThe information varies per affected individual but can include:\\n\\n * Name\\n * Social Security number\\n * Driver\u2019s license or other government identification card number.\\n * Financial account information if you participated in direct deposit.\\n\\n\\n\\nNYBC also provides clinical services, and diagnostic blood testing, for which it needs clinical information from healthcare providers. New York Blood Center Enterprises said some of this information was also accessed by the attackers during the cyber incident.\\n\\nSo far it is unknown which ransomware group might have been behind the attack, and we have seen no threats to publish or sell the acquired data. But this could change quickly once negotiations about the ransom come to an end without the cybercriminals getting paid what they demand.\\n\\n## **Protecting yourself after a data breach**\\n\\nThere are some actions you can take if you are, or suspect you may have been, the victim of a data breach.\\n\\n * **Check the vendor\u2019s advice.** Every breach is different, so check with the vendor to find out what\u2019s happened and follow any specific advice they offer.\\n * **Change your password.** You can make a stolen password useless to thieves by changing it. Choose a strong password that you don\u2019t use for anything else. Better yet, let a password manager choose one for you.\\n * **Enable two-factor ****authentication**** (****2FA****).** If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can\u2019t be phished.\\n * **Watch out for fake vendors.** The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims and verify the identity of anyone who contacts you using a different communication channel.\\n * **Take your time.** Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.\\n * **Consider not storing your card details**. It\u2019s definitely more convenient to get sites to remember your card details for you, but we highly recommend not storing that information on websites.\\n * **Set up ****identity monitoring****.** Identity monitoring alerts you if your personal information is found being traded illegally online and helps you recover after.”,”published”:”2025-09-10T13:22:13″,”modified”:”2025-09-10T13:22:13″,”type”:”malwarebytes”,”title”:”Ransomware attack at blood center: Org tells users their data\\u0026#8217;s been stolen”,”source”:””,”references”:””,”id”:”MALWAREBYTES:613A60742810E2E134637ABCCA4A8BDD”,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.malwarebytes.com\/blog\/news\/2025\/09\/ransomware-attack-at-blood-center-org-tells-users-their-datas-been-stolen”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-09-10T14:07:51″,”description”:”A blood center has begun sending data breach notifications to its users after suffering a ransomware attack and theft of personal data.\\n\\nThe New York Blood…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,115,13,33,7,11,5],"class_list":["post-16947","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-malwarebytes","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n