Medtronic says ShinyHunters hackers stole around 9 million medical records in latest attack

Pro Security Medtronic says ShinyHunters hackers stole around 9 million medical records in latest attack News By Sead Fadilpašić published 28 April 2026 Medtronic confirms the attackers' claims When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. (Image credit: Shutterstock) Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter A major medical device manufacturer disclosed a cyberattack affecting corporate IT systemsThe company emphasized that products, patient safety, and operations remain unaffectedA ransomware group claimed to have stolen millions of records, though details remain unclearMedtronic, one of the biggest medical device manufacturers in the world, has confirmed suffering a cyberattack in which crooks “accessed data in certain Medtronic corporate IT systems.”In a security notification published on its website, Medtronic said the attack does not affect its customers or products, and also stressed it will continue operating as usual, without any disruptions:“We have not identified any impact to our products, patient safety, connections to our customers, our manufacturing and distribution operations, our financial reporting systems, or our ability to meet patient needs,” Medtronic said in its announcement. “The networks that support our corporate IT systems, our products and our manufacturing and distribution operations are separate.”Article continues below You may like ShinyHunters exposes data on Mytheresa, Zara, Carnival, 7-Eleven – over 40 organizations tied up in new data trove which will stay up 'indefinitely' 'An unprecedented blow': US medtech giant Stryker suffers global outage after apparent Iranian cyberattack Hack on French medical site sees over 15 million records leaked, including private health info Were subsidiaries affected, too?It said that its hospital customer networks are separate from Medtronic IT networks and are “secured and managed by customers’ IT teams.”Besides the data breach notification, the company also filed a new 8-K report with the US Securities and Exchange Commission (SEC). Some sources have found that a Medtronic subsidiary called MiniMed Group also submitted a regulatory filing, stating that the attack most likely did not spill into its IT system and that it does not expect any material impact.Medtronic is widely recognized as the largest pure-play medical device manufacturer in the world by revenue. It operates in more than 150 countries and employs just under 100,000 people.Last week, the infamous ShinyHunters ransomware group added Medtronic to its website, saying they stole more than nine million records. The records allegedly included personally identifiable information (PII) and internal corporate data. Since then, the Medtronic entry was removed from the leak site, suggesting that the company either paid the ransom or is, at least, negotiating the release of the files. window.sliceComponents = window.sliceComponents || {}; externalsScriptLoaded.then(() => { window.reliablePageLoad.then(() => { var componentContainer = document.querySelector("#slice-container-newsletterForm-articleInbodyContent-b8RCSvkXCw9nC8uqRUvJPD"); if (componentContainer) { var data = {"layout":"inbodyContent","header":"Are you a pro? Subscribe to our newsletter","tagline":"Sign up to the TechRadar Pro newsletter to…

This excerpt is published under fair use for community discussion. Read the full article at TechRadar.