OneBlood Confirms Data Breach Following Ransomware Attack

Six months after a ransomware attack disrupted operations at OneBlood, the not-for-profit blood center has notified affected individuals that their personal data was stolen during the incident. The breach, which occurred between July 14 and July 29, 2024, involved unauthorized access to sensitive information, including names and Social Security numbers.

OneBlood, serving critical blood supply needs across Florida, Georgia, Alabama, and the Carolinas, first detected suspicious activity on July 28, 2024. The organization responded by securing its systems and launching a thorough investigation. The initial impact of the attack included significant operational slowdowns due to the forced implementation of manual processes. At the time, OneBlood worked tirelessly to maintain blood supplies to over 250 hospitals with support from the national blood community.

The recent notification reveals the full scope of the breach. Following months of investigation, OneBlood determined on December 12, 2024, that sensitive data had been exfiltrated. Individuals whose data was compromised were informed in January 2025, underscoring the ongoing challenges of ransomware incidents that often unfold long after initial detection.

To mitigate potential misuse of the stolen data, OneBlood is offering impacted individuals 12 months of complimentary credit monitoring and identity theft protection services through TransUnion. The organization has also encouraged recipients of the notification to remain vigilant by monitoring credit reports and financial accounts for suspicious activity.

In its notice, OneBlood reassured individuals of its commitment to data security, detailing its collaboration with federal law enforcement and steps taken to secure its systems post-breach.

OneBlood’s role as a key supplier of safe and affordable blood to communities highlights the severity of such attacks on healthcare-related entities. In this case, the cyberattack didn’t just cause a disruption of vital blood supplies but also compromised sensitive donor data, which may lead to identity theft or fraud.

Given the elevated risk, impacted individuals who received a notification from OneBlood should take the following actions:

• Use the code provided in their notification letter to activate free credit monitoring services.
• Regularly review credit reports and bank statements for unauthorized transactions.
• Consider placing credit freezes or fraud alerts on your accounts to prevent unauthorized access to credit information.
• Promptly contact the relevant authorities and credit bureaus if you detect suspicious activity.