Cyberattacks on medtech companies have surged in recent months. Hackers are now targeting these firms with growing boldness, exploiting everything from phishing emails to sophisticated social engineering manipulation.
iRhythm Holdings, Inc (NASDAQ: IRTC) (FRA: I25) has become the latest victim. On Jun. 8, the company detected a cyberattack that stole data from third-party-hosted business applications. The following day, a threat actor contacted iRhythm, claiming access to proprietary information, patient protected health info and other personal details. They demanded payment to prevent public release of the data.
iRhythm has not publicly stated that it paid the ransom or adhered to the threat actor’s demands. The investigation is currently ongoing and unresolved.
This breach stemmed from social engineering rather than a direct assault on core systems. This refers to the psychological manipulation of individuals into divulging confidential information or performing actions, often for fraudulent or security-bypassing purposes.
Thankfully for iRhythm, investigators found no ongoing unauthorised access. The incident appears to have left the company’s manufacturing, distribution and clinical operations untouched. Patient safety currently remains secure, with no effect on devices or product performance.
“As we actively investigate, we will notify individuals affected by this incident in accordance with applicable law and take steps as needed to protect and remediate the impact to them,” the medtech firm stated.
iRhythm develops cardiac monitoring solutions, such as wearable patches that help doctors detect irregular heart rhythms over extended periods.
Read more: Breath Diagnostics advances pre-op pneumonia screening with FDA breakthrough designation
Medtronic another to get hit
In late April, medical technology major Medtronic PLC (NYSE: MDT) (FRA: 2M6) also fell victim to a cyberattack. Hackers gained unauthorised access to certain corporate IT systems and exfiltrated data.
The international cybercrime group ShinyHunters claimed responsibility, asserting they stole more than nine million records that included personal information.
Medtronic stands as one of the world’s leading medical technology companies. It develops a wide range of devices and therapies that address conditions in areas such as diabetes, cardiovascular health and neurological disorders.
A growing wave of attacks
These events follow closely on the heels of breaches at other major players. In March, Stryker Corp (NYSE: SYK) suffered a destructive cyberattack linked to the Iranian-backed group Handala. The assault wiped systems, disrupted ordering and manufacturing for weeks, and carried clear political motives tied to broader geopolitical tensions. Shares slid by more than 10 per cent in the following weeks.
Handala released a statement on Telegram claiming the attack was in response to a U.S.-Israeli missile strike on an Iranian school in Minab, Iran, on Feb. 28. The group also framed Stryker as a “Zionist-rooted corporation” and positioned the cyber operation as part of Iran’s broader retaliatory campaign following escalating military actions in the Middle East.
Around the same time, Intuitive Surgical Inc (NASDAQ: ISRG) (ETR: IUI1) disclosed a targeted phishing incident that exposed customer contact details and some employee data, though its surgical robotics systems stayed protected.
From criminal extortion rings to state-linked disruptive attacks, medtech firms now navigate risks once reserved for banks or governments.
Read more: Prestigious medtech intelligence firm recognizes Breath Diagnostics for innovation
Follow Rowan Dunne on LinkedIn
rowan@mugglehead.com
