Medtronic Data Breach Exposes Data of 3.8 Million, Linked to ShinyHunters
Medical device giant **Medtronic** is notifying over 3.8 million individuals about a data breach potentially linked to the **ShinyHunters** cybercrime group. The incident, initially reported in April, has since revealed that sensitive patient data, including Social Security numbers and health information, was accessed by unauthorized parties.
# Medtronic Confirms Major Data Breach Affecting Millions
**Medtronic**, the world's largest medical device company, has confirmed a significant data breach impacting over 3.8 million individuals. The incident, which came to light through a notification letter released by the **California Attorney General**, reveals that sensitive personal and health-related data were compromised.
## The Breach Unfolds
On April 24, **Medtronic** initially acknowledged unauthorized access to certain corporate IT systems, stating at the time that no connections to customers had been identified. However, a letter dated June 29, now publicly available, clarified the scope of the breach, indicating that patient data collected for product updates and legal obligations was indeed accessed.
## Compromised Data and Response
Hackers reportedly gained access to a range of personal information, including names, contact details, dates of birth, Social Security numbers, and health-related data. While **Medtronic** states it has "no evidence that impacted information has been publicly posted or exposed on the internet," the company is offering affected individuals 24 months of free credit monitoring, dark web monitoring, and identity theft restoration services.
## A Broader Trend in Med Tech
This breach is the latest in a series of cyberattacks targeting the medical technology sector. In March, medical device firm **Stryker** disclosed a cyberattack that resulted in system wipes, attributed by federal prosecutors to Iran-backed hackers. That incident significantly disrupted emergency medical services and hospitals in Maryland, prompting temporary disconnections from **Stryker** systems due to concerns about potential collateral damage.
The increasing frequency and sophistication of these attacks highlight the critical need for robust cybersecurity measures within the healthcare and medical device industries, where data integrity and system availability are paramount for patient safety and operational continuity.