Ransomware Attacks Result in Blood Shortages and Patient Care Disruptions: A Call to Action from AHA and Health-ISAC

The American Hospital Association and Health-ISAC issued a joint threat bulletin warning healthcare organizations about the increasing threat of ransomware attacks by Russian cybercrime gangs. These attacks have not only disrupted patient care but also created blood shortages in the US and UK, raising serious concerns about the impact on public health.

The bulletin highlighted three recent ransomware attacks targeting blood suppliers, resulting in major supply chain disruptions. In one incident, a Florida-based blood supplier experienced shipping delays due to forced manual labeling of blood samples after a ransomware attack. This led to a blood shortage affecting hospitals and patient care in the region. Another attack on a pathology provider in London caused delays in care and surgeries, as patient blood types couldn’t be looked up without access to the health record system. In a separate incident, a blood plasma provider in 35 states had to shut down donations due to a cyberattack, impacting patient care and donor information security.

Healthcare organizations are urged to prepare for supply chain disruptions caused by cyberattacks on third-party vendors. IT teams need to assess risks, identify critical suppliers, and develop emergency management plans to mitigate the impact of such attacks. The bulletin also emphasizes the importance of evaluating the essentiality of third-party vendors and exploring alternative options to ensure continuity of healthcare services.

As ransomware attacks continue to target healthcare providers, proactive measures and robust risk management strategies are essential to safeguard patient care, supply chain integrity, and data security in the face of evolving cyber threats.