OneBlood discloses data breach exposing social security numbers

OneBlood, Inc., a not-for-profit organization that provides blood to over 200 hospital partners across several states, recently disclosed a data breach that may have exposed sensitive personal information. The breach was reported to the Massachusetts Attorney General's office on January 9, 2025, and affected at least 608 individuals in the state.

It is currently unclear how many individuals were impacted nationwide at this time.

The compromised information includes names and alarmingly, Social Security numbers.

The exact method through which the data was stolen has not been disclosed. However, OneBlood has confirmed that they promptly secured their systems and conducted a detailed investigation to determine the scope of the breach. The organization has also notified federal law enforcement about the incident.

OneBlood's response

In response to the breach, OneBlood has taken several steps to address the situation and protect affected individuals. The organization immediately secured its systems to prevent further unauthorized access and launched a thorough investigation to understand the full extent of the incident.

Additionally, OneBlood is offering complimentary credit monitoring and identity theft restoration services through TransUnion for a period of 24 months. Affected individuals have been provided with instructions on how to enroll in these services. OneBlood has also shared resources to help individuals monitor their credit and protect their personal information.

Affected by the OneBlood data breach?

If you have been notified that your information was part of this breach, it is important to take proactive steps to safeguard your identity and financial information. Here’s what you should do:

1. Enroll in the credit monitoring service: OneBlood is offering 24 months of free credit monitoring through TransUnion. Follow the instructions in the notification letter to enroll within 90 days of receiving the notice.
2. Monitor your credit reports: You are entitled to one free credit report annually from each of the three major credit bureaus—Equifax, Experian, and TransUnion. Visit Annual Credit Report to request your reports and check for any suspicious activity.
3. Consider placing a fraud alert: A fraud alert makes it harder for identity thieves to open accounts in your name. Contact one of the three major credit reporting agencies to set up a free fraud alert, which will last for one year.
4. Freeze your credit if necessary: A credit freeze prevents creditors from accessing your credit report without your permission. This can stop new accounts from being opened in your name. Freezing your credit is free and can be done by contacting Equifax, Experian, and TransUnion directly.
5. Stay vigilant: Regularly review your bank and credit card statements for unauthorized transactions. If you notice anything unusual, report it immediately to your financial institution.
6. File a police report if needed: If you suspect that your identity has been stolen, file a report with your local police department. You can also report identity theft to the Federal Trade Commission at IdentityTheft.gov.

For more details, you can view the disclosure on the Massachusetts Attorney General's website.