NYBC A.I CyberSecurity Scoring
04/04/2026
Access Monitoring Plan
Access Monitoring Plan
No incidents recorded for New York Blood Center in 2026.
No incidents recorded for New York Blood Center in 2026.
No incidents recorded for New York Blood Center in 2026.
Hospitals and Health Care
RWJBarnabas Health is New Jersey’s largest and most comprehensive academic health system, caring for more than 5 million people annually. Nationally renowned for quality and safety, the system includes 14 hospitals and 9,000 affiliated physicians integrated to provide care at more than 700 patient care locations. RWJBarnabas Health is among New Jersey’s largest private employers, with more than 44,000 employees, contributing more than $5.5 billion to the state economy every year. RWJBarnabas Health partners with its diverse communities to build and sustain a healthier New Jersey. It provides patient-centered care in a compassionate and equitable manner. RWJBarnabas Health’s commitment to enhancing access to care includes a transformative partnership with Rutgers University, including the Rutgers Cancer Institute — the state's only NCI-designated Comprehensive Cancer Center - and Rutgers Robert Wood Johnson Medical School.
Health Care Service Corporation serves nearly 23 million people across the United States through its portfolio of health benefit solutions. HCSC provides health coverage options for employers large and small, individuals and families, and Medicare and Medicaid plans. HCSC also offers related health care products and services such as pharmacy solutions, life and dental insurance, and health data technology. A Mutual Legal Reserve Company, HCSC is an independent licensee of the Blue Cross Blue Shield Association. For nearly a century, we have enabled and coordinated the access to quality care for millions of members. Our experience and industry knowledge establishes a solid foundation for our future—driving innovations that further expand access, improve health outcomes, and reduce costs. Embedded within the fabric of how we operate is a deep sense of caring and commitment that informs how we serve our members, engage in local communities, and deliver positive change to the health care industry. As health care needs evolve, we leverage our portfolio of companies to deliver differentiated value to all industry stakeholders so that, together, we make more possible. Join HCSC and discover what new ways of thinking can mean for you, your community, our customers and our organization: HCSC.com/careers. We are an Equal Opportunity Employment / Affirmative Action employer dedicated to an inclusive, drug-free and smoke-free workplace. Drug screening and background investigation are required, as allowed by law. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability, or protected veteran status. Image(s) may have been created or enhanced using artificial intelligence tools.
Centene Corporation is a leading healthcare enterprise committed to helping people live healthier lives. Centene offers affordable and high-quality products to more than 1 in 15 individuals across the nation, including Medicaid and Medicare members (including Medicare Prescription Drug Plans) as well as individuals and families served by the Health Insurance Marketplace. Centene believes healthcare is best delivered locally. Our local health plans provide fully integrated, high-quality, and cost-effective services to government-sponsored and commercial healthcare programs, focusing on under-insured and uninsured individuals. Centene’s hiring practices reflect the composition of the members and communities we serve, allowing us to deliver quality, culturally sensitive healthcare to millions of members. Centene employees help change the world of healthcare and transform our communities. To learn more about career opportunities with Centene, visit: https://jobs.centene.com/
Thomas Jefferson University and Thomas Jefferson University Hospitals are partners in providing excellent clinical and compassionate care for our patients in the Philadelphia region, educating the health professionals of tomorrow in a variety of disciplines and discovering new knowledge that will define the future of clinical care. Thomas Jefferson University is dedicated to health sciences education and research.
UnitedHealth Group is a health care and well-being company with a mission to help people live healthier lives and help make the health system work better for everyone. We are 340,000 colleagues in two distinct and complementary businesses working to help build a modern, high-performing health system through improved access, affordability, outcomes and experiences. Optum delivers care aided by technology and data, empowering people, partners and providers with the guidance and tools they need to achieve better health. UnitedHealthcare offers a full range of health benefits, enabling affordable coverage, simplifying the health care experience and delivering access to high-quality care. We work with governments, employers, partners and providers to care for 147 million people and share a vision of a value-based system of care that provides compassionate and equitable care. At UnitedHealth Group, our mission calls us, our values guide us and our diverse culture connects us as we seek to improve care for the consumers we are privileged to serve and their communities. Click below to search careers or join our social communities: • Search & apply for careers at careers.unitedhealthgroup.com/ • Follow us on Twitter at twitter.com/UnitedHealthGrp • Follow and like us on Facebook at facebook.com/unitedhealthgroup • Follow us on Instagram at instagram.com/unitedhealthgroup More about UnitedHealth Group can be found at unitedhealthgroup.com/
Piedmont is empowering Georgians by changing health care. We continue to fuel Georgia’s growth through safe, cost-effective, high-quality care close to home through an integrated health care system that provides a hassle-free, unified experience. We are a private, not-for-profit organization with more than 12,000 donors annually that for centuries has sought to make a positive difference in every life we touch in the communities we serve. Across our 2,171 physical locations we care for more than 4.5 million patients and serve communities that comprise 85 percent of Georgia’s population. This includes 27 hospitals, 113 immediate care locations, 1,875 Piedmont Clinic physician practices and more than 3,600 Piedmont Clinic members. Our patients conveniently engage with Piedmont online, as they scheduled more than 560,000 online appointments and over 120,000 virtual visits. With more than 47,000 care givers we are the largest Georgia-based private employer of Georgians, who all came for the job, but stayed for the people. In 2024 and 2023, Piedmont has earned recognition from Newsweek as one of America’s Greatest Workplaces for Diversity and also as one of America's Greatest Workplaces for Women. In 2022, Forbes ranked Piedmont on its list of the Best Large Employers in the United States. Piedmont provided more than $607 million in community impact in Fiscal Year 2024. For more information, or booking your next appointment, visit piedmont.org.
The Ministry of Health (Malay: Kementerian Kesihatan), abbreviated MOH, is a ministry of the Government of Malaysia that is responsible for health system: health behavior, cancer, public health, health management, medical research, health systems research, respiratory medicine, health promotion, healthcare tourism, medical device, blood collection, leprosy control, clinical research, health care, dental care, health institution, laboratory, pharmaceutical, patient safety.
Founded in 2003, Omega Healthcare Management Services® (Omega Healthcare) is an AI-driven healthcare solutions company that partners across the healthcare ecosystem to deliver breakthrough results by reimagining and elevating revenue operations. Powered by the Omega Digital Platform®, our agentic AI engine leverages adaptive intelligence to drive automation, complemented by deep human expertise to help optimize performance and deliver sustained financial and clinical outcomes—while enhancing patient satisfaction. Omega Healthcare empowers organizations across provider, payer, and life sciences sectors to navigate today’s healthcare challenges while building the agility to adapt as healthcare and technology continue to evolve rapidly. Recognized by industry analysts, Omega Healthcare has consistently been ranked a leader in driving operational performance excellence. For more information, visit www.omegahms.com
Anteriormente Organización Sanitas Internacional, Keralty es un grupo empresarial de valor en salud, con más de 40 años de experiencia conformado por empresas de aseguramiento y prestación de servicios de salud y una red propia hospitalaria y asistencial. También forman parte de Keralty instituciones educativas y empresas con enfoque social que complementan el mundo de salud que ofrecemos al mercado. Nuestra misión es contribuir al desarrollo de los países mediante innovación tecnológica, social, organizacional y atención integrada en salud, mejorando e incrementando el bienestar de las personas a lo largo de su vida, a la vez que generamos empleo, riqueza y calidad de vida a las comunidades en que operamos, favoreciendo el desarrollo regional. Somos un grupo conformado por más de 3 millones de afiliados, más de 13.000 médicos adscritos y presente en más de 7 países, que vela por el cuidado de sus usuarios, manteniendo su salud, identificando y gestionando el riesgo y la enfermedad. Somos líderes en servicios integrales de salud en los países donde estamos presentes, para ser reconocidos por nuestro enfoque humano, científico, técnico y ético.
Latest updates, reports, and threat intel affecting the global network.
The New York Blood Center (NYBC) confirmed that a targeted cyberattack between January 20 and January 26, 2025, allowed an unauthorized...
193814 Americans must act by February 11, 2026. The New York Blood Center settlement offers a $500000 fund for data breach victims.
If you received a notice that your personal information was impacted in the New York Blood Center January 2025 data breach, you have 2 days...
HCIactive, a company that offers AI-powered administrative solutions, reported a multi-million-record breach to state regulators.
New Liberty Hospital in Missouri, Memorial Blood Centers in Minnesota, and the New York Blood Center have settled class action lawsuits over...
Radiology practice SimonMed disclosed a large healthcare data breach that was claimed by the Medusa ransomware group.
As New York's attorney general, my top priority was protecting consumers from fraud, scams, and corporate misconduct.
New York Blood Center Enterprises said the data security incident it suffered earlier this year exposed highly sensitive personal...
New York Blood Center (NYBCe) Enterprises has confirmed that it had notified 193,822 people of a data leak in a January 2025 breach.
FOSSBilling is a free, open-source billing and client management system. In versions 0.5.6 through 0.7.2, when a `ClientPasswordReset` record already exists for a client (from a previous unexpired reset request), subsequent calls to the `reset_password` guest API endpoint reuse the existing token instead of generating a new one. The 15-minute validity window is anchored to the first request's `created_at` timestamp, not the time of the most recent email. An attacker who obtained the original reset link remains able to use it even after the victim requests a new reset, because the original token is never invalidated or rotated. Version 0.8.0 patches the issue. Some workarounds are available. Configure a reverse proxy (e.g., Nginx, Apache, Cloudflare) to apply per-IP rate limiting to the `/client/reset-password` endpoint to minimize the window of opportunity, and/or manually clear expired `client_password_reset` records from the database after a client reports a suspected compromise.
FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 allow a low-privileged staff account to grant arbitrary module permissions to itself through the admin API, resulting in persistent privilege escalation. A staff user that only has `staff.create_and_edit_staff` can call `/api/admin/staff/permissions_update` targeting their own account and write any permission structure, bypassing the intended role-based access control boundary. Version 0.8.0 patches the issue. Some workarounds are available. Restrict the `staff.create_and_edit_staff` permission to only highly trusted staff members and/or use a reverse proxy or WAF to restrict access to `/api/admin/staff/permissions_update` to specific trusted roles.
FOSSBilling is a free, open-source billing and client management system. Versions 0.5.3 through 0.7.2 allow authenticated clients to both read and reset API key service secrets for orders that are no longer in an `active` state (e.g., `suspended`, `canceled`). The root cause is missing order-state validation in two client API endpoints, despite an `isActive()` helper already existing in the `Serviceapikey` module and the frontend UI correctly gating access on `order.status == 'active'`. Version 0.8.0 contains a fix. Some workarounds are available. If the `Serviceapikey` module is not needed, uninstall it to remove the affected endpoints. One may also use a reverse proxy or WAF to restrict access to `/api/client/order/service` and `/api/client/serviceapikey/reset` based on application-level order-state logic.
FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 allow low-privileged staff accounts to perform unauthorized actions via admin API endpoints. The root cause is a combination of the `can_always_access` module flag (which grants all staff access to certain modules) and insufficient permission checks or unsafe parameter handling on individual endpoints. Version 0.8.0 contains a fix. Some workarounds are available. Restrict staff accounts to only those who need access to sensitive settings and/or use a reverse proxy or WAF to restrict access to the affected endpoints to trusted IP addresses or higher-privilege roles.
FOSSBilling is a free, open-source billing and client management system. In versions 0.5.6 through 0.7.2, when the "Require Email Confirmation" setting is enabled, a logged-in client with an unverified email address (`email_approved = 0`) can access all client-area pages (e.g. `/client/balance`, `/client/order/list`, `/client/invoice`) and read real account data, including wallet balances and transaction history. The API-side enforcement correctly restricts unverified clients to only profile-related endpoints, but the page-side enforcement is overly permissive, allowing any request whose path starts with `/client`. Version 0.8.0 contains a fix. No known workarounds that don't involve modifying the source code are available.
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.