Ransomware Attack Shutters Octopharma Plasma’s US Operations


April 25, 2024

World map

A suspected ransomware attack against Octapharma Plasma forced the suspension of operations at more than 150 blood plasma donation centers across the US.  

The company posted a banner on their website stating, “all centers are experiencing network issues and are currently closed” due to “IT issues,” but the company has not released details.

“One source familiar with the situation, however, told The Register <that> Octapharma Plasma fell to a BlackSuit ransomware infection on Monday. We're told the downtime stateside will affect supplies of plasma into Octapharma's European operations,” The Register reports.

"If they don't restore the systems, they will need to close their factories in Europe as more than 75 percent of their plasma comes from the US... IT management don't give a s*** about security and they are now learning a lesson,” a source told the publication.

Takeaway: News of the apparent attack comes on the heels of the parent company of Change Healthcare estimating the cost of remediating the February ransomware attack on the healthcare payments giant will approach $872 for Q1-2024.

This figure is in addition to the more than $6 billion in emergency funding and loans UnitedHealth allotted for struggling healthcare providers who could not get reimbursed for services while systems were down.

A recent study revealed in the last several years there have been more than 500 successful ransomware attacks impacting nearly 10,000 healthcare providers exposing over 52 million patient records. It is estimated these attacks have bled the US economy by tens of billions of dollars.

More concerning is the risk to human life these attacks represent. A study by Ponemon revealed that 68% of respondents said ransomware attacks disrupted patient care, 46% noted increased mortality rates, and 38% noted more complications in medical procedures following an attack.  

Another study found that ransomware attacks contributed to between 42 and 67 patient deaths over a five-year period, and an alarming 33% increase in hospitalized Medicare patient deaths per month.

Criminal ransomware groups know that the impact of an attack against healthcare organizations does not just disrupt operations, it directly affects the lives of their patients and puts the entire organization at risk:

Legacy security tools (EPP/EDR/XDR) were simply not designed to address the unique threat that ransomware presents, and this is why we keep seeing destructive ransomware attacks circumvent these traditional security solutions and impact healthcare organizations.

The Change Healthcare attack also highlights potential repercussions from ransomware attacks that go far beyond financial and operational impact, as legal and regulatory liability are growing concerns.

Data exfiltration and the threat of exposure are now a central aspect of nearly every ransomware operator’s playbook and significantly increase the chances for the extortion efforts to be successful.

In some cases, the attackers may not only demand payment of a ransom to regain access to encrypted systems, but they may also demand further payment for the stolen data itself.

As an executive, it is crucial to understand the potential impact of disruptive cyber-attacks on your business and take proactive steps to mitigate them.  

Halcyon recently published a reference guide that explores what each C-level executive should know about ransomware to ensure a strong security posture and protect their organization: What Executives Should Know about Ransomware.

Halcyon.ai is the leading anti-ransomware company that closes endpoint protection gaps and defeats ransomware through built-in bypass and evasion protection, key material capture, automated decryption, and data exfiltration prevention – talk to a Halcyon expert today to find out more. Halcyon also publishes a quarterly RaaS and extortion group reference guide, Power Rankings: Ransomware Malicious Quartile.