Company Details
octapharma-plasma-inc.
3,050
39,258
3254
octapharmaplasma.com
0
OCT_1331102
In-progress

Octapharma Plasma, Inc. Company CyberSecurity Posture
About Us: Octapharma Plasma, Inc. helps change lives through the incredible power of plasma donation. Backed by a global organization and supported by a dedicated team of more than 5,000 employees across the United States, we operate over 175 centers nationwide. Our mission is clear — “To be the leading plasma donation company in unmatched service to our donors, communities, and employees.” What We Do: • Collect and Test Plasma: Ensuring the highest standards in plasma collection and testing to create life-saving medications. • Support Patients Globally: Through our parent company, Octapharma AG (Switzerland), we develop treatments for Hematology, Immunotherapy, and Critical Care, benefiting patients in 113 countries. Why Join Us: At Octapharma Plasma, we live by our core values of Respect, Collaboration, Innovation, and Excellence. We offer professional growth, access to cutting-edge tools, collaborative teams, and career paths tailored to your aspirations. Our Vision: To improve the quality of life of everyone we serve through the life-changing power of plasma. Join Our Team: Explore opportunities with Octapharma Plasma and become part of a team making a global impact. Visit our Careers page to see how your talents can contribute to our mission. Learn more about our parent company and worldwide impact at www.octapharmaplasma.com.
Between 0 and 549


Description: On September 19, 2024, the California Office of the Attorney General reported a data breach involving Octapharma Plasma, Inc., which occurred on April 17, 2024. The breach involved unauthorized access to the Company's IT systems, potentially impacting personal information, though the specific types of affected information are unknown and the exact number of individuals affected is also unspecified.
Description: Octapharma Plasma, a plasma donation center, faced a **$2.55 million class-action lawsuit** due to allegations of failing to implement adequate cybersecurity measures, resulting in a **data breach exposing donor information**. The breach led to unauthorized third-party access to sensitive client data, including financial and personal details, forcing affected individuals to incur expenses to mitigate risks like identity theft and fraud. Eligible class members—including those with documented losses (up to **$5,000**) and those without (flat **$100 payment**)—were offered compensation, alongside **three years of credit monitoring**. California-based members received an additional **$50**. The settlement underscores the severe financial and reputational repercussions of inadequate data protection, as clients had to bear costs to secure their compromised information. The breach highlights systemic vulnerabilities in handling **donor/patient data**, reinforcing the critical need for robust cybersecurity in healthcare-related entities. The company did not admit wrongdoing, but the lawsuit’s scale and payout structure reflect the **high-stakes impact** of the breach on individuals’ financial security and trust in the organization.
Description: In April 2024, Octapharma Plasma Inc. experienced a data breach due to alleged inadequate cybersecurity measures, resulting in unauthorized access to sensitive personal information of consumers. The compromised data included names, dates of birth, Social Security numbers, health data, and donor eligibility information. The breach exposed affected individuals to risks of identity theft, fraud, and financial harm. Octapharma agreed to a $2.55 million class action settlement to resolve claims, offering affected individuals up to $5,050 in compensation for documented losses, a flat cash payment (estimated at $100), and three years of credit monitoring. California residents were eligible for an additional $50 statutory payment. The settlement aimed to mitigate the fallout from the breach, though the company denied wrongdoing.
Description: The BlackSuit ransomware gang targeted Octapharma, a blood plasma collection organization, leading to the temporary closure of nearly 200 blood plasma collection centers across the U.S. This disruption severely impacted the healthcare system by limiting the availability of critical blood plasma supplies, which are essential for medical treatments. The attack underscored the vulnerability of healthcare infrastructure to cyber threats and highlighted the broader implications of ransomware on public health and safety.


Octapharma Plasma, Inc. has 150.0% more incidents than the average of same-industry companies with at least one recorded incident.
Octapharma Plasma, Inc. has 207.69% more incidents than the average of all companies with at least one recorded incident.
Octapharma Plasma, Inc. reported 2 incidents this year: 0 cyber attacks, 1 ransomware, 0 vulnerabilities, 1 data breach, compared to industry peers with at least 1 incident.
OPI cyber incidents detection timeline including parent company and subsidiaries



A group of patients is seeking a final seal of approval from a North Carolina federal judge on their $2.55 million settlement with a plasma...
Octapharma Plasma agreed to a $2.55 million class action lawsuit settlement to resolve claims it failed to prevent a 2024 data breach that compromised donor...
Consumers who received a notice from Octapharma Plasma Inc. informing them of an April 2024 data breach may have affected their personal...
New York Blood Center Enterprises is responding to a ransomware attack that began on Jan. 26, 2025, and continues to disrupt its operations.
A focus on cyber resilience is essential for mitigating the risk of healthcare supply chain attacks, which have the potential to cause widespread disruptions.
A $2.5 million Advanced Medical Management settlement resolves claims that a third-party criminal actor gained illegal access to AMM's...
Haemonetics Corp. will pay over $8.7 million to settle a class action alleging it collected the fingerprints of blood-plasma donors in...
A plasma collection company has been hit in North Carolina federal court with at least two proposed class actions as of Monday claiming it...
An April 17 data breach affecting 190 of Octapharma Plasma Inc.'s plasma donation centers across 35 states exposed social security numbers and laboratory data.

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of Octapharma Plasma, Inc. is http://www.octapharmaplasma.com.
According to Rankiteo, Octapharma Plasma, Inc.’s AI-generated cybersecurity score is 311, reflecting their Critical security posture.
According to Rankiteo, Octapharma Plasma, Inc. currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, Octapharma Plasma, Inc. is not certified under SOC 2 Type 1.
According to Rankiteo, Octapharma Plasma, Inc. does not hold a SOC 2 Type 2 certification.
According to Rankiteo, Octapharma Plasma, Inc. is not listed as GDPR compliant.
According to Rankiteo, Octapharma Plasma, Inc. does not currently maintain PCI DSS compliance.
According to Rankiteo, Octapharma Plasma, Inc. is not compliant with HIPAA regulations.
According to Rankiteo, Octapharma Plasma, Inc. is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Octapharma Plasma, Inc. operates primarily in the Pharmaceutical Manufacturing industry.
Octapharma Plasma, Inc. employs approximately 3,050 people worldwide.
Octapharma Plasma, Inc. presently has no subsidiaries across any sectors.
Octapharma Plasma, Inc.’s official LinkedIn profile has approximately 39,258 followers.
Octapharma Plasma, Inc. is classified under the NAICS code 3254, which corresponds to Pharmaceutical and Medicine Manufacturing.
No, Octapharma Plasma, Inc. does not have a profile on Crunchbase.
Yes, Octapharma Plasma, Inc. maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/octapharma-plasma-inc..
As of December 09, 2025, Rankiteo reports that Octapharma Plasma, Inc. has experienced 4 cybersecurity incidents.
Octapharma Plasma, Inc. has an estimated 5,361 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware and Breach.
Total Financial Loss: The total financial loss from these incidents is estimated to be $372.55 million.
Detection and Response: The company detects and responds to cybersecurity incidents through an incident response plan activated with Operation Checkmate; third-party assistance from Bitdefender; containment measures including seizure of servers, domains, and digital assets; recovery measures including a settlement fund for affected individuals ($2.55M) and settlement payouts ($5,000 for documented losses, $100 flat fee, $50 for California members) with three years of credit monitoring; and a communication strategy of notices sent to affected individuals, the class action settlement process, and class action notification and settlement terms dissemination.
Title: Data Breach at Octapharma Plasma, Inc.
Description: Unauthorized access to the Company's IT systems, potentially impacting personal information.
Date Detected: 2024-04-17
Date Publicly Disclosed: 2024-09-19
Type: Data Breach
Attack Vector: Unauthorized Access
Title: Takedown of BlackSuit Ransomware Infrastructure
Description: U.S. law enforcement agencies dismantled critical infrastructure used by the BlackSuit ransomware gang, seizing servers, domains, and digital assets used to deploy ransomware, extort victims, and launder proceeds.
Type: Ransomware Takedown
Threat Actor: BlackSuit Ransomware Gang
Motivation: Financial gain through ransom payments
Title: Octapharma Plasma Inc. Data Breach (April 2024)
Description: Octapharma Plasma Inc. experienced a data breach in April 2024, resulting in unauthorized access to sensitive personal information, including names, dates of birth, Social Security numbers, health data, and donor eligibility information. The company agreed to a $2.55 million settlement to resolve a class action lawsuit alleging inadequate cybersecurity measures.
Date Detected: 2024-04
Type: Data Breach
Title: Octapharma Plasma Data Breach Class Action Settlement
Description: Octapharma Plasma agreed to settle a $2.55 million class action lawsuit over allegations that the plasma donation center failed to protect donor information adequately. Class members are eligible for compensation, including up to $5,000 for documented losses, a flat $100 payment, and three years of credit monitoring services. California-based members receive an additional $50. Claims must be submitted by November 14, 2025, with the final approval hearing on December 4, 2025.
Type: Data Breach
Motivation: Financial gain (potential identity theft, fraud)
Common Attack Types: The most common type of attack the company has faced is Breach.

Data Compromised: Personal information
Systems Affected: IT Systems

Financial Loss: $370 million in ransom payments
Operational Impact: Temporary closure of almost 200 blood plasma collection centers

Data Compromised: Names, Dates of birth, Social security numbers, Health data, Donor eligibility information
Customer Complaints: Class action lawsuit filed
Brand Reputation Impact: Significant (settlement and public disclosure)
Legal Liabilities: $2.55 million settlement
Identity Theft Risk: High (PII and health data exposed)

Financial Loss: $2.55 million (settlement amount)
Data Compromised: Donor information (including financial and Social Security data)
Customer Complaints: Class action lawsuit filed (case no. 3:24-cv-00424-MOC-SCR)
Brand Reputation Impact: Negative (litigation and settlement imply reputational harm)
Legal Liabilities: $2.55 million settlement, potential further liabilities if non-compliance is proven
Identity Theft Risk: High (financial and Social Security data exposed)
Payment Information Risk: High
Average Financial Loss: The average financial loss per incident is $93.14 million.
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information, Personally Identifiable Information (PII), Protected Health Information (PHI), Financial Data, Social Security Numbers, and Donor Information.

Entity Name: Octapharma Plasma, Inc.
Entity Type: Company
Industry: Healthcare

Entity Name: City of Dallas
Entity Type: Government
Industry: Public Sector
Location: Dallas, Texas

Entity Name: Kadokawa
Entity Type: Company
Industry: Media
Location: Japan

Entity Name: Tampa Bay Zoo
Entity Type: Organization
Industry: Entertainment
Location: Tampa Bay, Florida

Entity Name: Octapharma
Entity Type: Company
Industry: Healthcare

Entity Name: Octapharma Plasma Inc.
Entity Type: Corporation
Industry: Healthcare (Plasma Donation)
Location: United States
Customers Affected: Class members (U.S. residents notified of breach; exact number unspecified)

Entity Name: Octapharma Plasma
Entity Type: Plasma donation center
Industry: Healthcare (blood/plasma donation)
Customers Affected: Class members (donors, exact number unspecified)

Incident Response Plan Activated: Operation Checkmate
Third Party Assistance: Bitdefender
Containment Measures: Seizure of servers, domains, and digital assets

Recovery Measures: Settlement fund for affected individuals ($2.55M)
Communication Strategy: Notice sent to affected individuals; class action settlement process

Recovery Measures: Settlement payouts ($5,000 for documented losses, $100 flat fee, $50 for California members), three years of credit monitoring
Communication Strategy: Class action notification and settlement terms dissemination
Incident Response Plan: The company's incident response plan is described as Operation Checkmate.
Third-Party Assistance: The company involves third-party assistance in incident response through Bitdefender.

Type of Data Compromised: Personal information

Type of Data Compromised: Personally identifiable information (pii), Protected health information (phi)
Sensitivity of Data: High (SSNs, health data, donor eligibility)
Data Exfiltration: Yes (unauthorized access confirmed)
Personally Identifiable Information: Names, Dates of birth, Social Security numbers, Health data, Donor eligibility information

Type of Data Compromised: Financial data, Social security numbers, Donor information
Sensitivity of Data: High (personally identifiable and financial information)
Data Exfiltration: Likely (implied by identity theft risk)
Personally Identifiable Information: Yes (Social Security numbers, financial data)
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through seizure of servers, domains, and digital assets.

Ransom Demanded: $60 million in some cases
Ransom Paid: $370 million in total
Ransomware Strain: BlackSuit
Data Encryption: True
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through Settlement fund for affected individuals ($2.55M), Settlement payouts ($5,000 for documented losses, $100 flat fee, $50 for California members), three years of credit monitoring.

Legal Actions: Class action lawsuit settled for $2.55M

Fines Imposed: $2.55 million (settlement, not a fine)
Legal Actions: Class action lawsuit (case no. 3:24-cv-00424-MOC-SCR)
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Class action lawsuit settled for $2.55M, Class action lawsuit (case no. 3:24-cv-00424-MOC-SCR).

Lessons Learned: Companies handling sensitive client data must implement robust cybersecurity measures to prevent unauthorized access and mitigate legal/financial risks from breaches. Proactive interventions are critical to reducing liability and reputational damage.

Recommendations: Enhance data encryption and access controls for sensitive donor information; implement multi-factor authentication and continuous monitoring for unauthorized access; conduct regular third-party cybersecurity audits to identify vulnerabilities; provide transparent communication and support (e.g., credit monitoring) to affected clients post-breach; train employees on data protection best practices and phishing awareness.
Key Lessons Learned: The key lessons learned from past incidents are Companies handling sensitive client data must implement robust cybersecurity measures to prevent unauthorized access and mitigate legal/financial risks from breaches. Proactive interventions are critical to reducing liability and reputational damage.

Source: California Office of the Attorney General
Date Accessed: 2024-09-19

Source: U.S. Department of Justice

Source: German Law Enforcement

Source: Cisco Talos

Source: Class Action Settlement Notice (Woodall v. Octapharma Plasma Inc.)

Source: Class Action Lawsuit Settlement Notice (Case No. 3:24-cv-00424-MOC-SCR)
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at the following sources: California Office of the Attorney General (accessed 2024-09-19), U.S. Department of Justice, German Law Enforcement, Cisco Talos, Class Action Settlement Notice (Woodall v. Octapharma Plasma Inc.), and Class Action Lawsuit Settlement Notice (Case No. 3:24-cv-00424-MOC-SCR).

Investigation Status: Ongoing analysis of secured data

Investigation Status: Settled (class action lawsuit resolved)

Investigation Status: Settled (final approval hearing scheduled for December 4, 2025)
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Notice sent to affected individuals; class action settlement process and Class action notification and settlement terms dissemination.

Stakeholder Advisories: Notice sent to affected individuals; settlement claims process ongoing
Customer Advisories: Eligible individuals can file claims for compensation (documented losses, flat payment, or credit monitoring) by Nov 14, 2025

Stakeholder Advisories: Class members advised to submit claims by November 14, 2025, to receive compensation.
Customer Advisories: Eligible donors notified via settlement terms; compensation includes monetary payouts and credit monitoring.
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: notice sent to affected individuals, with the settlement claims process ongoing; eligible individuals can file claims for compensation (documented losses, flat payment, or credit monitoring) by Nov 14, 2025; class members advised to submit claims by November 14, 2025, to receive compensation; and eligible donors notified via settlement terms, with compensation including monetary payouts and credit monitoring.

High Value Targets: Donor financial and Social Security data
Data Sold on Dark Web: Donor financial and Social Security data

Root Causes: Alleged inadequate cybersecurity measures
Corrective Actions: Settlement agreement (no technical details provided)

Root Causes: Alleged failure to implement necessary cybersecurity precautions to protect donor data.
Corrective Actions: Settlement payouts and credit monitoring for affected class members; specific technical remediations not disclosed.
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Bitdefender.
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: settlement agreement (no technical details provided); settlement payouts and credit monitoring for affected class members, with specific technical remediations not disclosed.
Ransom Payment History: The company has paid ransoms in the past.
Last Ransom Demanded: The amount of the last ransom demanded was $60 million in some cases.
Last Attacking Group: The attacking group in the last incident was the BlackSuit Ransomware Gang.
Most Recent Incident Detected: The most recent incident detected was on 2024-04-17.
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2024-09-19.
Highest Financial Loss: The highest financial loss from an incident was $2.55 million (settlement amount).
Most Significant Data Compromised: The most significant data compromised in an incident were Personal Information, Names, Dates of birth, Social Security numbers, Health data, Donor eligibility information, and Donor information (including financial and Social Security data).
Most Significant System Affected: The most significant system affected in an incident was IT Systems.
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Bitdefender.
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were seizure of servers, domains, and digital assets.
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Health data, Names, Donor eligibility information, Personal Information, Social Security numbers, Donor information (including financial and Social Security data) and Dates of birth.
Highest Ransom Demanded: The highest ransom demanded in a ransomware incident was $60 million in some cases.
Highest Ransom Paid: The highest ransom paid in a ransomware incident was $370 million in total.
Highest Fine Imposed: The highest fine imposed for a regulatory violation was $2.55 million (settlement, not a fine).
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Class action lawsuit settled for $2.55M, Class action lawsuit (case no. 3:24-cv-00424-MOC-SCR).
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Companies handling sensitive client data must implement robust cybersecurity measures to prevent unauthorized access and mitigate legal/financial risks from breaches. Proactive interventions are critical to reducing liability and reputational damage.
Most Significant Recommendation Implemented: The most significant recommendations implemented to improve cybersecurity were: conduct regular third-party cybersecurity audits to identify vulnerabilities; provide transparent communication and support (e.g., credit monitoring) to affected clients post-breach; implement multi-factor authentication and continuous monitoring for unauthorized access; train employees on data protection best practices and phishing awareness; and enhance data encryption and access controls for sensitive donor information.
Most Recent Source: The most recent sources of information about an incident are Class Action Lawsuit Settlement Notice (Case No. 3:24-cv-00424-MOC-SCR), Class Action Settlement Notice (Woodall v. Octapharma Plasma Inc.), California Office of the Attorney General, Cisco Talos, German Law Enforcement and U.S. Department of Justice.
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing analysis of secured data.
Most Recent Stakeholder Advisory: The most recent stakeholder advisories issued were: notice sent to affected individuals, with the settlement claims process ongoing; and class members advised to submit claims by November 14, 2025, to receive compensation.
Most Recent Customer Advisory: The most recent customer advisories issued were: eligible individuals can file claims for compensation (documented losses, flat payment, or credit monitoring) by Nov 14, 2025; and eligible donors notified via settlement terms, with compensation including monetary payouts and credit monitoring.
Most Significant Root Cause: The most significant root causes identified in post-incident analysis were alleged inadequate cybersecurity measures and an alleged failure to implement necessary cybersecurity precautions to protect donor data.
Most Significant Corrective Action: The most significant corrective actions taken based on post-incident analysis were a settlement agreement (no technical details provided) and settlement payouts and credit monitoring for affected class members; specific technical remediations were not disclosed.
Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Community Edition prior to 17.0.99.1763126988 and Tuleap Enterprise Edition prior to 17.0-3 and 16.13-8 have missing CSRF protections which allow attackers to create or remove tracker triggers. This issue is fixed in Tuleap Community Edition version 17.0.99.1763126988 and Tuleap Enterprise Edition versions 17.0-3 and 16.13-8.
Tuleap is a free and open source suite for management of software development and collaboration. Tuleap Community Edition versions prior to 17.0.99.1762456922 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 are vulnerable to CSRF attacks through the planning management API. Attackers have access to create, edit or remove plans. This issue is fixed in Tuleap Community Edition version 17.0.99.1762456922 and Tuleap Enterprise Edition versions 17.0-2, 16.13-7 and 16.12-10.
Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap Community Edition versions below 17.0.99.1762444754 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 allow attackers to trick victims into changing tracker general settings. This issue is fixed in Tuleap Community Edition version 17.0.99.1762444754 and Tuleap Enterprise Edition versions 17.0-2, 16.13-7 and 16.12-10.
Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not have access to. This issue is fixed in version 17.0.99.1762431347 of the Tuleap Community Edition and versions 17.0-2, 16.13-7 and 16.12-10 of Tuleap Enterprise Edition.
IBM watsonx.data 2.2 through 2.2.1 could allow an authenticated user to cause a denial of service through ingestion pods due to improper allocation of resources without limits.
