Medical device giant Medtronic has confirmed a data security incident affecting its corporate IT systems following claims by a cybercrime group that millions of records were stolen.
The company said last week an unauthorized party accessed certain internal systems but reported no disruption to products, patient safety or operations.
The disclosure follows allegations by ShinyHunters, which listed the firm on its leak site in mid-April. The group claimed to have exfiltrated more than nine million records containing personal information, along with large volumes of internal corporate data.
Medtronic has not verified those figures and said it is still investigating the scope of the incident.
According to Medtronic, the intrusion was limited to specific corporate IT environments. The company also emphasized that hospital networks used by customers are managed independently and were not exposed through this incident.
More Info