Overview
- Medtronic, which disclosed the breach Friday, April 24, says the intrusion was limited to corporate IT systems.
- The company reports no impact to products, patient safety, manufacturing, distribution, or financial reporting.
- ShinyHunters claimed theft of more than 9 million records and set an April 21 ransom deadline, and the listing later disappeared from its leak site.
- Medtronic is investigating any access to personal data after activating response plans and bringing in outside cybersecurity experts.
- The episode reflects rising cyberattacks on medical device makers, with recent incidents at peers delaying surgeries and disrupting care.