As outlined in The Register, medical device manufacturer Medtronic is notifying patients that their personal and health information may have been compromised in a cyberattack that occurred in April. The breach involved unauthorized access to the company's corporate network over a period of nearly a week.The incident, detected on April 15, saw unauthorized access to Medtronic's corporate systems between April 13 and April 19. Compromised data includes names, contact details, dates of birth, Social Security numbers, and health information, collected by Medtronic for product updates and regulatory compliance. While Medtronic states there is no evidence the data was publicly posted or exposed online, it remains unclear if attackers exfiltrated copies. The company has confirmed that the attack did not affect the functionality or safety of its medical devices, nor did it impact manufacturing, distribution, or patient care.The extortion group ShinyHunters claimed responsibility and listed Medtronic on its dark web leak site, alleging the theft of over nine million records, though the listing was later removed. Medtronic has not publicly attributed the attack or mentioned ransomware demands. The company is offering affected individuals two years of credit monitoring and identity restoration services and has implemented additional security measures.Source: The Register
Breach
Medtronic warns patients of data exposure following April cyberattack

(Photo by: Michael Siluk/Education Images/Universal Images Group via Getty Images)
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related Terms
Attack VectorYou can skip this ad in 5 seconds



