Particle.news
Download on the App Store

Medtronic Notifies Customers After April IT Breach Exposed Patient Data

State filings show tens of thousands of Social Security numbers along with health records were accessed, raising identity risks as investigations continue.

Overview

  • Medtronic said an unauthorized actor accessed certain corporate IT systems from April 13 to April 19, 2026, and the company has started sending breach notices to affected customers.
  • State attorney general filings show large, state-level counts of affected people, including more than 297,000 in Texas, 63,534 in Massachusetts and 8,668 in Vermont.
  • The exposed information may include names, contact details, dates of birth, Social Security numbers and health-related data, and Medtronic is offering 24 months of credit monitoring, dark-web monitoring and identity-theft restoration.
  • The threat group ShinyHunters claimed to have stolen 9 million Medtronic records and briefly listed the data online, but that listing was removed and the claim has not been validated by Medtronic or investigators.
  • Medtronic says it has found no evidence the data were publicly posted and that device function and patient safety were not affected, but federal reporting on total records is still pending and patients should watch for identity- and phishing scams that can follow such breaches.