Medtronic says ShinyHunters hackers stole around 9 million medical records in latest attack

Date:
Tue, 28 Apr 2026 14:45:00 +0000

Description:
Medtronic was removed from ShinyHunters' data leak site.

FULL STORY ======================================================================
A ransomware group claims to have stolen millions of records,
though details remain unclear. Medtronic, one of the biggest medical device manufacturers in the world, has confirmed suffering a cyberattack in which crooks accessed data in certain Medtronic corporate IT systems.

In a security notification published on its website, Medtronic said the
attack does not affect its customers or products, and also stressed it will continue operating as usual, without any disruptions: We have not identified any impact to our products, patient safety, connections to our customers, our manufacturing and distribution operations, our financial reporting systems,
or our ability to meet patient needs, Medtronic said in its announcement. The networks that support our corporate IT systems, our products and our manufacturing and distribution operations are separate. Were
subsidiaries affected, too? It said that its hospital customer networks are separate from Medtronic IT networks and are secured and managed by customers IT teams.

Besides the data breach notification, the company also filed a new 8-K report with the US Securities and Exchange Commission (SEC). Some sources have found that a Medtronic subsidiary called MiniMed Group also submitted a regulatory filing, stating that the attack most likely did not spill into its IT system and that it does not expect any material impact.

Medtronic is widely recognized as the largest pure-play medical device manufacturer in the world by revenue. It operates in more than 150 countries and employs just under 100,000 people.

Last week, the infamous ShinyHunters ransomware group added Medtronic to its website , saying they stole more than nine million records. The records allegedly included personally identifiable information (PII) and internal corporate data. Since then, the Medtronic entry was removed from the leak site, suggesting that the company either paid the ransom or is, at least, negotiating the release of the files.

Medtronic has not yet commented on being removed from the data leak website.

Via BleepingComputer

Link to news story: https://www.techradar.com/pro/security/medtronic-says-shinyhunters-hackers-sto le-around-9-million-medical-records-in-latest-attack

$$
--- MultiMail/DOS
* Origin: Capitol City Hub (1:2320/105)