- Nybce Led a Cyberattack in January 2025 and Exposed Sensitive Patient and Economic Data
- Victims may include those with SSNs, ID numbers or direct deposit information; accurate counting unknown
- Nybce cannot notify all victims due to lack of contact information, instead offers free identity monitoring
A nonprofit for American blood services had admitted to having suffered a cyberattack where it lost sensitive information about a non -public number of people.
The New York Blood Center Enterprises (Nybce) confirmed that it discovered an intrusion on January 26, 2025, which led to a study using third -party forensic experts. The study determined that unidentified threat players gained access to their network a week earlier – on January 20 – and during that time, sensitive patient information sparked.
“To perform these services, we receive limited clinical information from healthcare providers and partners. Some of this information may have been involved in a cyber security event that we have recently processed,” the message reads.
Notifies the victims
In a separate filing in the Office of the Maine Law Attorney, the Nybce confirmed the incident, but did not state the exact number of persons affected.
It said the data varies from person to person, but probably includes their name, social security number (SSN), driver’s license or other government identification card number and/or financial account information – if the person participated in direct deposit.
In the site’s message, the organization also said that “limited health information and test results” may also have been stolen.
But the worst thing is that Nybce is unable to notify all the victims properly:
“We do not collect or maintain contact information for persons for whom we provide clinical services. As a result, we are unable to send letters to persons whose information may have been involved,” it announced further.
Therefore, people who believe they may have been affected are advised to call the organization’s confidential call center.
Nybce also offers one year’s value of free credit and identity theft surveillance via Experian’s IdentityWorksSM, and is said to work on “to improve security protocols”.
Via Tom’s Guide
