NHS Says UK Blood Supply Still Disrupted by June 2024 Ransomware Attack

One year after a major ransomware attack on a UK pathology service provider, the country’s national health system is still grappling with ongoing blood supply shortages, particularly O-negative blood, which is critical for emergency care.  

The incident disrupted services across several major London hospitals, resulting in thousands of canceled or postponed appointments and surgeries. The UK’s blood agency has issued repeated appeals for donations, warning of the risk of a public safety crisis if supplies aren't replenished quickly, HealthInfoSecurity reports.

Experts describe the attack as a deliberate attempt to inflict maximum disruption on healthcare operations. Although the agency’s systems weren’t directly targeted, its ability to match and supply blood was significantly hampered due to dependencies on affected hospitals. Seasonal donation slowdowns and reduced workplace blood drives have further worsened the shortage.

The attack is part of a wider trend, with major US blood suppliers also targeted by ransomware in 2024, causing weeks-long disruptions. These incidents prompted warnings from government and industry groups about growing threats to life-critical healthcare supply chains.

Takeaway: This is ransomware at its most calculated. Hitting blood centers isn’t just opportunistic, it’s tactical. Attackers know exactly what they’re doing: going after a supply chain link so critical that even minor disruption causes major downstream chaos.  

Hospitals can’t function without blood. No trauma care, no emergency surgeries, no oncology treatments. It’s not just operational disruption, it’s a direct threat to human life. And that’s the leverage.

The point of ransomware is pain. Not inconvenience, not embarrassment, but pain. That’s because pain drives payment. The more urgent the need, the greater the pressure to pay.  

That’s why we’re seeing attackers shift their focus to critical third parties in the healthcare ecosystem—blood centers, diagnostic labs, claims processors. These targets are essentially attack force multipliers. Hit one of them and you don’t just disrupt a business—you stall an entire system.

This is the same playbook we’ve seen in other sectors. Go after the vendor that nobody thinks about until they go offline and suddenly everyone feels it. And in healthcare, the consequences are immediate and dangerous. That’s why attackers are doubling down.

We should stop being surprised when these attacks happen and start asking why these links in the chain are still so vulnerable. If ransomware crews are willing to risk public outrage by targeting life-saving services, it’s because they’ve done the math, and they know it pays.

Halcyon.ai eliminates the business impact of ransomware. Modern enterprises rely on Halcyon to prevent ransomware attacks, eradicating cybercriminals’ ability to encrypt systems, steal data, and extort companies – talk to a Halcyon expert today to find out more, and check out our quarterly RaaS and extortion group reference guide, Power Rankings: Ransomware Malicious Quartile.