The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Octapharma Plasma Closes Donation Centers While It Deals with Suspected Ransomware Attack

The Swiss pharmaceutical firm, Octapharma Plasma, is dealing with a cyberattack that has affected systems at 190 plasma donation centers in 35 U.S. states. Those centers have been temporarily closed while the company responds to the attack and works on bringing the affected systems back online.

Octapharma identified suspicious activity within its network on April 17, 2024, and confirmed that an unauthorized third party had breached its network and disrupted certain parts of its operations. An investigation has been launched and third-party cybersecurity experts have been engaged to investigate the attack and determine its impact. At this stage, Octapharma has yet to provide any further details about the attack, such as whether ransomware was used to encrypt files, and said further information will be released as the investigation progresses.

Without access to critical IT systems, donors are unable to visit its plasma donation centers. The plasma collected at its U.S. facilities is shipped to its European manufacturing plants and is used to create life-saving therapies. The disruption to plasma supplies threatens production at its EU-based facilities, given that 75% of the plasma used in its therapies is collected from donors in the United States.

A reporter at The Register spoke with a source familiar with the incident who claimed the attack occurred on Monday, April 15, 2024, and the BlackSuit ransomware group was responsible. BlackSuit is a relatively new ransomware operation that was discovered in May 2023. The group has significant similarities with the Royal ransomware group, which was a successor of the Conti ransomware operation. The Register’s source claimed that vulnerabilities were exploited to gain access to Octapharma’s VMware systems, with BlackSuit ransomware used to encrypt files.


In November 2023, the Health Sector Cybersecurity Coordination Center (HC3) warned the healthcare and public health sector about BlackSuit ransomware. HC3 said the group appears to conduct indiscriminate attacks on a variety of industry sectors, including healthcare, manufacturing, business technology, business retail, and government sectors, and that the group engages in double extortion tactics, where stolen data is added to its data leak site if the ransom is not paid. As of April 22, 2024, Octapharma is not showing on the group’s data leak site.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com
