Medtronic Discloses Data Breach Affecting Customer Information
Medtronic, a global healthcare technology company, is notifying its customers about a data breach that resulted in the exposure of personal data to an unauthorized third party. The company confirmed the incident, stating that it became aware of the unauthorized access to its systems. This breach is attributed to the cybercriminal group ShinyHunters, known for targeting organizations to steal sensitive information.
The scope of the data compromised includes personal details of Medtronic customers. While the company has not disclosed the exact number of individuals affected or the specific types of data exfiltrated, it has initiated a notification process for all impacted parties. Medtronic has stated that it is working with cybersecurity experts to investigate the incident thoroughly and to enhance its security measures to prevent future occurrences. The company has also reported the incident to relevant regulatory authorities as required.
ShinyHunters has a history of conducting similar attacks, often selling stolen data on dark web forums. The group's modus operandi typically involves exploiting vulnerabilities in corporate networks to gain access to customer databases. Medtronic's disclosure follows a pattern of increasing cyberattacks targeting healthcare organizations, which hold vast amounts of sensitive personal and medical information, making them attractive targets for cybercriminals. The company is advising customers to remain vigilant against potential phishing attempts or identity theft.
Original source — read the full reporting at the publisher:
Read on BleepingComputer