Data Breaches

iRhythm Confirms Data Stolen in Hack

The digital health company said it learned of the breach on June 8 and the attackers demanded a ransom.

Eduard Kovacs

Published

4 days ago

iRhythm hack

iRhythm, a health company specializing in wearable cardiac monitoring technology, has been targeted in a cyberattack that resulted in the theft of information.

The data breach was disclosed by iRhythm, known for its Zio wearable ECG monitor, in a Monday filing with the SEC.

The company said it detected “unauthorized activity involving data maintained on certain third-party-hosted business applications” on June 8. iRhythm noted that the attack involved social engineering, but the targeted application has not been named.

A threat actor contacted the company on June 9, claiming to have stolen sensitive information, including proprietary data and patients’ protected health information. The hackers demanded a ransom to prevent the compromised files from being leaked.

iRhythm has been working with external cybersecurity experts to investigate the breach, and it has confirmed that some data has been stolen, but it has not said whether the threat actor’s description of the compromised data is accurate.

The medical device vendor is still working on determining how many individuals are affected, as well as what type and how much data was stolen.

Advertisement. Scroll to continue reading.

The company said its products, clinical or medical device systems, manufacturing and distribution operations, patient safety, and financial reporting systems were not impacted.

“The incident does not involve the Company’s clinical or medical device systems or connections to customers and the Company does not store or retain individual financial account information or payment card information,” it noted in its SEC filing.

No known ransomware or extortion group appears to have taken credit for the attack on iRhythm.

It’s unclear whether the company has agreed to pay a ransom or engaged with the hackers.

SecurityWeek has reached out to iRhythm for additional information and will update this article if it responds.

In this article:data breach, healthcare, iRhythm

Data Breaches

Kodak Admits Data Breach After ShinyHunters Hack Claims

Kodak told SecurityWeek it believes there is no threat to its systems or operations as a result of the cybersecurity incident.

Eduard Kovacs2 days ago

Data Breaches

Cybercrime Group Claims Novo Nordisk Hack

The hack-and-leak group FulcrumSec claims to have stolen 1.3TB of data from the pharmaceutical giant.

Ionut Arghire4 days ago

Data Breaches

Ozempic Maker Novo Nordisk Says Hackers Breached IT Systems

The pharmaceutical giant says the attackers gained access to personal data stored on the compromised systems.

Eduard Kovacs5 days ago

Data Breaches

French Government Messaging Platform Breached by Mysterious ‘Misere’ Hacker

French officials say roughly 73,000 government accounts were affected, while the threat actor claims to have stolen messages and user data from the sovereign...

Kevin Townsend5 days ago