New York Blood Center confirms it notified 194k people of data breach

Published: 20 September 2025
Last updated: 20 September 2025
New York Blood Center data breach

New York Blood Center (NYBCe) Enterprises has confirmed that it had notified 193,822 people of a data leak in a January 2025 breach.

NYBCe has disclosed that the following information was accessed by malicious actors:

  • Names
  • State-issued ID numbers (e.g. driver’s license)
  • Social Security numbers
  • Bank account info if you participated in direct deposit
  • Health information
  • Test results
ADVERTISEMENT

The organization announced the breach back on January 26th, saying that it involved third-party specialists after identifying suspicious activity affecting its IT systems. The activity was confirmed to be the “result of a ransomware incident”, and NYBCe immediately took its systems offline.

As of yet, no criminal group has publicly claimed the center as a victim, and NYBCe itself did not comment on whether it was made a ransom demand.

“To date, no gangs have claimed the attack on NYBCe, and, with the attack happening back in January 2025, it's unlikely we'll see a claim from a gang now. This could mean that ransom negotiations were successful but NYBCe hasn't confirmed this. Across the 89 confirmed attacks we've noted for this year, the average ransom demand has been just under $627,000,” Rebecca Moody, Head of Data Research at Comparitech, told Cybernews.

Previously, the center reported 193,822 victims to the Oregon Attorney General, although its website says, “We do not collect or maintain contact information for individuals for whom we provide clinical services. As a result, we are unable to mail letters to individuals whose information may have been involved.”

jurgita vilius Niamh Ancell BW
Join 25,260+ followers on Google News
Google News Follow us

NYBCe is offering victims free credit and identity monitoring through Experian, and patients can call in to ask whether their data has been compromised.

"This attack becomes the 89th confirmed attack on a healthcare company (worldwide) this year so far. Across these attacks, nearly 6.7 million records are known to have been breached with this attack on NYBCe becoming the sixth largest based on records affected,” Moody added.

Recently, a non-profit health center Goshen Medical Center, informed over 456k people of a data breach, which compromised their sensitive information including names, dates of birth, Social Security numbers, driver’s license numbers, and medical record numbers.

ADVERTISEMENT

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT