Plasma Giant Cites ‘Network Issues’ as Alleged BlackSuit Infection Cripples U.S. Operations
Octapharma Plasma, a leading plasma collection company, has blamed “network issues” for the ongoing closure of its more than 150 centers across the United States. However, sources suggest that a potential ransomware infection, specifically the BlackSuit ransomware, may be the root cause of the medical firm’s predicament.
The company’s website displays a banner stating, “All centers are experiencing network issues and are currently closed.” An anonymous source familiar with the situation informed The Register that Octapharma Plasma fell victim to a BlackSuit ransomware attack on Monday.
Potential Supply Chain Disruptions
The source warned that if Octapharma fails to restore its systems promptly, it may need to shut down its European factories, as more than 75% of its plasma supply originates from the United States. “IT management don’t give a s*** about security, and they are now learning a lesson,” the source added.
Octapharma Plasma, which operates over 150 blood plasma donation centers across America and employs more than 3,500 people nationally, did not respond to The Register’s inquiries regarding the alleged incident.
Ransomware Targeting Healthcare Sector
BlackSuit, a relatively new ransomware strain sharing code with Royal and potentially a rebrand of the Conti crew, has been aggressively targeting healthcare and public health organizations. According to a November 2022 warning from the U.S. Department of Health and Human Services, BlackSuit employs double-extortion tactics, stealing sensitive data and encrypting networks before demanding ransom payments.
If confirmed, Octapharma would join the growing list of U.S. hospitals, health centers, and medical firms hit by ransomware attacks this year, highlighting the healthcare sector’s vulnerability to financially motivated cybercriminals. Encrypting medical systems can prevent patients from accessing life-saving treatments and expose sensitive personal and financial data, potentially leading to lawsuits and investigations.
High-Stakes for Healthcare Providers
The healthcare industry’s critical nature often compels providers to pay ransoms, making it an attractive target for extortionists. Octapharma Group, Octapharma Plasma’s parent company based in Germany, reported operating income of €436 million ($464 million) and record sales of €3.266 billion ($3.48 billion) in 2023, highlighting the potential financial impact of a successful attack.
As the investigation continues, with the FBI reportedly involved, Octapharma Plasma promises “further updates on reopening” via email, social media, and its website, leaving patients and donors anxiously awaiting the resolution of this potential cybersecurity crisis.