Medical technology titan Medtronic has confirmed that its systems have been hacked after the notorious ShinyHunters group claimed to have stolen millions of records.
One of the world’s largest medical technology companies, Medtronic provides a wide range of solutions, from pacemakers to surgical robots. It employs more than 95,000 people across 150 countries.
“We have not identified any impact to our products, patient safety, connections to our customers, our manufacturing and distribution operations, our financial reporting systems or our ability to meet patient needs,” Medtronic said.
“The networks that support our corporate IT systems, our products and our manufacturing and distribution operations are separate. Hospital customer networks remain separate from Medtronic IT networks and are secured and managed by customers’ IT teams,” it added.
The company has yet to confirm the theft of data, but says it’s “working to identify any personal information that may have been accessed”.
The ShinyHunters cybercrime group listed Medtronic on its leak website on April 17, claiming to have compromised more than 9 million records containing personal information, along with terabytes of corporate information. The hackers gave the company until April 21 to pay a ransom, threatening to leak the stolen data.
Medtronic has since been removed from ShinyHunters’ website, indicating that the organization may have paid a ransom.
SecurityWeek has reached out to Medtronic for comment and will update this article if it responds.
Medtronic’s diabetes-focused subsidiary MiniMed submitted a report to the SEC, stating that its own IT systems have not been affected by the incident.
Related: Medtronic Recalls Medical Devices Due to Security Risks That Can Lead to Injury, Death
Related: Medical Device Maker UFP Technologies Hit by Cyberattack