- A major medical device manufacturer revealed a cyberattack that affected corporate IT systems
- The company emphasized that products, patient safety and operations will not be affected.
- A ransomware group claimed to have stolen millions of records, although details are still unclear
Medtronic, one of the world’s largest medical device manufacturers, has confirmed that it suffered a cyberattack in which criminals “accessed data on certain Medtronic corporate computer systems.”
In a security advisory posted on its website, Medtronic said the attack does not affect its customers or products, and also emphasized that it will continue to operate as usual, without interruption:
“We have not identified any impacts to our products, patient safety, connections with our customers, our manufacturing and distribution operations, our financial reporting systems, or our ability to meet patient needs,” Medtronic said in its announcement. “The networks that support our corporate IT systems, our products, and our manufacturing and distribution operations are separate.”
Article continues below.
Were the subsidiaries also affected?
It said its hospital customers’ networks are separate from Medtronic’s IT networks and are “protected and managed by customers’ IT teams.”
In addition to the data breach notification, the company also filed a new 8-K filing with the U.S. Securities and Exchange Commission (SEC). Sources have learned that a Medtronic subsidiary called MiniMed Group also filed a regulatory filing, stating that the attack most likely did not extend to its IT system and that it does not expect any material impact.
Medtronic is widely recognized as the world’s largest proprietary medical device manufacturer by revenue. It operates in more than 150 countries and employs just under 100,000 people.
Last week, the infamous ShinyHunters ransomware group added Medtronic to their website and claimed that they stole more than nine million records. The records allegedly included personally identifiable information (PII) and internal corporate data. Medtronic’s entry has since been removed from the leak site, suggesting that the company paid the ransom or is at least negotiating the release of the files.
Medtronic has not yet commented on its removal from the data breach website.
Through beepcomputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds.
