Overview
- iRhythm, which identified unauthorized activity on June 8, said it received a ransom demand on June 9 and determined the incident was material on June 10 because of the volume of data involved.
- The company has confirmed that certain data was exfiltrated from third-party‑hosted business applications after attackers used social engineering to gain access to those systems.
- iRhythm has not disclosed how many individuals were affected and it says investigators are still working to define the nature and full scope of the exposed information.
- The firm told regulators it has found no evidence the breach affected its clinical or medical device systems or harmed patient safety and it has not identified ongoing unauthorized access.
- iRhythm processes data from millions of cardiac patients, the breach heightens risks of targeted phishing, identity or medical‑identity fraud and the company said cyber insurance may cover some losses.