Medical and utility tech companies hacked by digital intruders
Utility technology company Itron and medical device maker Medtronic disclosed cyber breaches in recent SEC filings. Itron detected unauthorized access on April 13 and stated it has contained the incident without operational impact. Medtronic confirmed an intrusion into corporate IT systems, with hackers claiming to have stolen over 9 million records. Neither company reported impacts to core operations, patient safety, or product systems.
- ▪Itron discovered an unauthorized third-party breach on April 13 and has since remediated the activity without observing further unauthorized access.
- ▪Itron stated the breach did not affect customer-hosted systems or operations and expects most costs to be covered by insurance.
- ▪Medtronic disclosed that an unauthorized party accessed data in certain corporate IT systems, though critical networks remain isolated and unaffected.
- ▪Hacker group ShinyHunters claimed responsibility for the Medtronic breach and threatened to leak data unless an extortion demand was met.
- ▪Medtronic is assessing whether personal information was accessed and plans to notify affected individuals as needed.
Full article excerpt tap to expand
Cyber-crime Medical and utility tech companies hacked by digital intruders Itron, Medtronic disclose breaches in Friday filings Jessica Lyons Mon 27 Apr 2026 // 17:53 UTC Digital intruders recently broke into two major tech suppliers - utility-technology firm Itron and medical-device maker Medtronic - according to filings with federal regulators. Itron, in a late Friday US Securities and Exchange Commission (SEC) filing, said it was notified about the unauthorized third-party break-in on April 13. The $4 billion company that provides smart meters, sensors, and software for energy, water, and city management said it alerted law enforcement and worked with external cybersecurity advisors to investigate the intrusion. <a href="https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2ae-m8YyW2Jxtp0t7utx5pAAAAg0&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0" target="_blank"> <img src="https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2ae-m8YyW2Jxtp0t7utx5pAAAAg0&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0" alt=""> </a> "The Company took action to remediate and remove the unauthorized activity and has not observed any subsequent unauthorized activity within its corporate systems," according to Itron's 8-K report. "Further, no unauthorized activity was observed in the customer hosted portion of its systems." <a href="https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44ae-m8YyW2Jxtp0t7utx5pAAAAg0&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0" target="_blank"> <img src="https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44ae-m8YyW2Jxtp0t7utx5pAAAAg0&t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0" alt=""> </a> <a href="https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33ae-m8YyW2Jxtp0t7utx5pAAAAg0&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0" target="_blank"> <img src="https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33ae-m8YyW2Jxtp0t7utx5pAAAAg0&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0" alt=""> </a> The breach didn't affect Itron's operations, the disclosure said, adding that "Itron currently expects that a significant portion of its direct costs incurred relating to the incident will be reimbursed by its insurers." Itron declined to answer our questions about the breach, including how criminals gained initial access to its systems and whether they deployed ransomware or made an extortion demand. Iran's cyberattack against med tech firm is 'just the beginning' Burglar alarm biz burgled: ADT confirms cyber intrusion after ShinyHunters extortion attempt Chinese attackers are pwning your infrastructure to use in attacks, 10 countries warn Cybersec is a thankless job:…
This excerpt is published under fair use for community discussion. Read the full article at The Register.
Discussion
0 commentsMore from The Register
