U.S. hospitals are again overwhelmed, but the emergencies are not patients — they are a constant flood of cybersecurity and ransomware attacks.
At the start of February 2025, New York’s blood centers announced a ransomware attack right in the middle of an ongoing ‘blood emergency,’ disrupting operations across 400 hospitals.
Meanwhile, in North Carolina, the personal data of nearly 200,000 patients was leaked during a security incident at Asheville Eye Associates.
Techopedia explores the latest breaches, investigates the postmortems of 2024 attacks, and asks experts about the obstacles facing the healthcare industry — remembering that prevention is part of the cure.
Key Takeaways
- Healthcare providers in Colorado, North Carolina, and New York have disclosed significant data breaches, impacting hundreds of thousands of patients.
- Breaches expose sensitive personal information, including names, addresses, medical records, and Social Security numbers.
- Leaked data can potentially lead to identity theft and fraud.
- While some incidents, like the NY Blood Center attack, involved ransomware, others appear to focus on data exfiltration.
- Due to stringent legislation, healthcare providers face larger challenges than usual in implementing new cybersecurity tools.
New York Ransomware Attack During ‘Blood Emergency’
On February 3, 2025, the NY Blood Center Enterprise (NYBCE), one of the largest community-based blood centers in the city, announced the fallout from a ransomware attack on its systems.
NYBCE provides critical blood and stem cell services to more than 400 hospitals across America. The health organization, already facing a ‘blood emergency’ and needing more blood donors to step forward, said that “sustained donor support is essential in the days and weeks ahead as we recover from this incident.”
At the moment, it is unknown whether the blood provider paid the ransom.
The organization spotted suspicious activity affecting its IT systems on January 26, 2025. The activity disrupted operations while the organization contacted law enforcement and began investigating.
NYBCE said:
“We immediately engaged third-party cybersecurity experts to investigate and confirmed that the suspicious activity is a result of a ransomware incident.
“We took immediate steps to help contain the threat and are working diligently with these experts to restore our systems as quickly and as safely as possible. Law enforcement has been notified.”
Operating divisions affected included:
- Blood Bank of Delmarva
- Community Blood Center of Greater Kansas City
- Connecticut Blood Center
- Memorial Blood Centers
- Nebraska Community Blood Bank
- New Jersey Blood Services
- New York Blood Center
- Rhode Island Blood Center
NYBCE announced on Monday, February 3: “All blood collection activities have resumed across our operating divisions. All donor center operations and community blood drives are currently moving forward as scheduled, and we are working to reschedule those that were canceled.”
“We are making strides toward resuming normal distribution … and we will remain in touch with our partners as we continue to work through this incident.”
NYBCE added that blood distribution will resume normally in the next few days and called for blood donations to overcome the crisis.
The incident is a prime example of how cybersecurity threats can reach the threshold of causing real-world harm — a callous attack on a service that any of us may need at any time. It is not the first healthcare cyberattack, and it will not be the last of the year.
Asheville Eye Associates Cyber Attack
The incident was not even the only healthcare cyberattack of January. Asheville Eye Associates (AEA), a leading eye care provider in North Carolina, reported on Friday, January 31, that a security incident exposed the data of hundreds of thousands of patients.
AEA said the incident impacted its IT systems, not its operational technology (OT). OT in healthcare is used for a wide range of medical procedures, from X-ray machines to medical pumps and remote monitoring devices.
AEA notified law enforcement and began an investigation conducted by third-party cybersecurity professionals. Remediation is still in progress for the eye care provider.
AEA confirmed that the names, addresses, health insurance information, and medical and treatment information of 193,306 patients had been exposed.
The ransomware group DragonForce claimed responsibility, posting that the stolen data amounted to nearly 540GB.
Legal healthcare channels and class action professional sites are following the news closely.
AEA reassured its patients that no financial data, credit card numbers, or Social Security numbers had been compromised; however, Techopedia advises affected patients to stay vigilant as the investigation is still ongoing.
Delta County Memorial Hospital Breach Could Lead to Identity Theft
On the subject of ongoing investigations, the Delta County Memorial Hospital District disclosed the full extent of a May 2024 incident to the Office of the Maine Attorney General.
In a letter sent at the end of January 2025 to those affected by the hack, the health provider said it flagged suspicious activity on its IT network on May 30, 2024. Delta notified law enforcement immediately and began its investigation while navigating healthcare compliance demands.
Delta Hospital said:
“The investigation determined that an unknown, unauthorized third party gained access to Delta’s network between May 27, 2024, and May 30, 2024.”
The health provider added in November 2024 that it was clear that an unknown attacker had accessed “determined files,” giving access to the information of 148,363 patients or individuals.
This includes, as Delta Hospital said to patients:
“Your name, date of birth, phone number, address, financial account information, medical information, health insurance information, Social Security number, and/or driver’s license number.”
Following standard health industry-related procedures dictated by different state and federal health laws, Delta County Memorial Hospital District offered those impacted a one-year free Credit Monitoring service from Experian.
Offering one year of credit monitoring is the norm after these types of breaches and implies a serious risk of identity theft.
The strange thing about this cyberattack is that, as far as we know, the attacker did not demand a ransom, suggesting the threat actors were dedicated solely to stealing data to sell it over and over on the dark web to cybercriminals.
We recommend that those impacted check out dark web monitoring services, some of which are free, such as those on sites like Have I Been Pwned.
Security Obstacles Facing Healthcare
Techopedia spoke to Josh Jacobson at HackerOne, a company supporting the talent of the largest community of ethical hackers in the world.
Jacobson said:
“One of the biggest hurdles for the healthcare industry is the highly regulated and confidential nature of healthcare data, which can make adopting advanced cybersecurity practices challenging, at times more expensive than other industries.
“However, the rising frequency of breaches proves that inaction is the greater risk. Healthcare organizations must take a more proactive approach to security, learning from industries with similar regulatory and infrastructure challenges.”
Delta Hospital seems to have jumped through all the right compliance hoops. However, under the Health Insurance Portability and Accountability Act, known as HIPAA, and other state laws, patients have a right to have their data protected from cyberattacks.
The responsibility to safeguard patient data rights falls directly on the health provider.
Health providers must also play catch-up as cybersecurity mandates and reforms are on their way or have been implemented. For example, new HIPAA encryption requirements demand that providers maintain the confidentiality of electronic Protected Health Information (ePHI).
The Bottom Line
The fallout of the widespread 2024 cyberattack wave, which targeted U.S. health providers and their partners, continues to unravel. Meanwhile, 2025 has already opened with a hard run of security incidents.
Both the NY blood provider ransomware and the North Carolina AEA incident are signs of what is coming.
Ransomware and data leaks are definitely something patients, individuals, and healthcare providers should keep an eye on and plan for to avoid costly individual damages and court processes.