Hello. Nine months after a ransomware attack, New York Blood Center Enterprises is telling donors that some combination of their personal data, financial account information and limited clinical details were compromised.

New York Blood Center, whose eight locations make it a major provider of blood and blood products in the Northeast, has filed notifications in at least five states this month. It hasn’t disclosed the total number of people whose private data was breached.

Hackers broke into its network between Jan. 20 and Jan. 26, the blood center told state regulators, adding that it finished its review of exposed files in late August and began sending letters to those affected Sept. 5.

More news: 

• Rubrik beats earnings estimates
• Accused ransomware leader indicted
• U.S. warns of new industrial vulnerabiltiies 

Data-security company Rubrik reported a narrower-than-expected quarterly loss Tuesday and revenues that beat forecasts. Revenue came in at $310 million for the company's fiscal second quarter, up 51% compared with the same period a year ago. Analyst had estimated about $282 million in revenue. (Investor's Business Daily)

• Full earnings information is here.

Breached: Cornwell Quality Tools is notifying nearly 104,000 people of a data breach stemming from a cyberattack last December. Exposed information includes name and Social Security number, medical information and financial account number, the Wadsworth, Ohio-based company said. Cornwell makes professional tools for auto and heavy-truck repair, distributing them through mobile franchisees across the U.S.

Indicted: The Justice Department has charged a Ukrainian man with serving as an administrator in three ransomware campaigns that hit 250 U.S. companies and healthcare providers "and hundreds more" worldwide. The man, who is at large, allegedly conducted attacks using LockerGoga, MegaCortex, and Nefilim ransomware between December 2018 and October 2021, according to an indictment unsealed Tuesday.

• He worked with partners to customize the ransomware for each target, according to federal prosecutors. They added: "These ransomware attacks caused millions of dollars of losses, including damage to victim computer systems, remediation costs, and ransomware payments to the perpetrators." 
• The State Department is offering up to $11 million in rewards for information that leads to the location, arrest or conviction of the Ukrainian or co-conspirators. 

Guilty plea: A 33-year-old Kosovo man pleaded guilty to crimes related to running an online criminal marketplace known as BlackDB.cc from 2018 until earlier this year. The marketplace sold stolen credentials, credit-card information and other breached personal data, prosecutors said. He faces up to 10 years in prison. A sentencing data hasn't yet been set. 

The WSJ Pro Cybersecurity team is Deputy Bureau Chief Kim S. Nash and reporters Angus Loten, James Rundle and Catherine Stupp. Follow us on X @WSJCyber. Reach the team by replying to any newsletter you receive or by emailing Kim at kim.nash@wsj.com.