Last updated: July 5, 2026 at 9:01 AM UTC
All 557 Vulnerability 199 Breach 106 Threat 245 Defense 7
Tag: medtronic (2 articles)Clear

Medtronic notifies customers after ShinyHunters breach of corporate systems

Medical device maker Medtronic has begun notifying customers that their personal data was exposed in a breach of its corporate IT systems earlier this year, an attack claimed by the extortion group ShinyHunters. Medtronic noticed unusual activity in mid-April and its investigation found that an unauthorized actor had access between April 13 and 19. ShinyHunters claimed to hold roughly nine million records containing personal and internal corporate data, and Medtronic did not pay, with its listing later removed from the group's leak site. The company says its products, patient safety, and the networks running its medical devices were not affected, crediting separation between corporate and clinical systems.

Check
People who have dealt with Medtronic as customers, patients, providers, or partners should watch for their notification and stay alert to phishing or fraud that references Medtronic or medical accounts.
Affected
Individuals whose personal data sat in Medtronic's corporate IT systems, accessed between April 13 and 19; ShinyHunters claimed about nine million records, though device networks and patient safety were not affected.
Fix
Affected people should monitor for targeted phishing and identity fraud. Organizations should segment corporate IT from operational and clinical systems, harden SaaS and identity against social engineering, and enforce phishing-resistant MFA.

Medtronic confirms breach after ShinyHunters claims theft of 9 million records and terabytes of internal data

Medtronic, the world's largest medical device maker, confirmed a breach of its corporate IT systems in an SEC filing April 24. ShinyHunters had listed Medtronic on its leak site April 18 claiming theft of more than 9 million records of personal data plus terabytes of internal corporate documents, with an April 21 deadline. The Medtronic listing has since been removed - a strong signal the company either paid the ransom or is still negotiating. Medtronic says product safety, manufacturing, distribution, and patient care are unaffected; the breach was confined to corporate IT, which is segregated from device infrastructure. Investigation into what personal data was exposed is ongoing.

Check
If you or staff have ever been a Medtronic patient, vendor, contractor, or applicant, watch for highly-targeted phishing referencing real medical device or employment details.
Affected
Medtronic patients (90,000+ employees, hundreds of millions of patients), suppliers, and former staff are all in scope until Medtronic clarifies what 9M+ records contain. Healthcare organizations sharing patient data with Medtronic for device monitoring, recall tracking, or research are exposed if those communications are in the leak.
Fix
Affected individuals: enable MFA on patient portals, monitor explanation-of-benefits statements, and report any unsolicited medical-device prompt or service call. Healthcare organizations: pull your data-sharing inventory with medical device vendors and confirm breach-notification SLAs. Companies sharing confidential records with Medtronic should assume those documents may be in the leak set.