Zoll Medical Corp. said a cyberattack may have exposed protected health information of current and former employees, dependants and beneficiaries. Chelmsford, Massachusetts-based Zoll — an Asahi Kasei company — characterized the incident as a “sophisticated email phishing attack” that targeted a Zoll employee. Phishing attacks use seemingly trustworthy communications via emails, text messages or even […]
Cybersecurity
Henry Schein reports more disruption as cyberattackers take credit
Henry Schein said today that it is working to bring its ecommerce platform back up after more problems related to its cyberattack. The medical device manufacturer and distributor said last week that its ecommerce platform and other applications were unavailable and that “the threat actor from the previously disclosed cyber incident has claimed responsibility.” Today, […]
Another medtech company reports a cybersecurity incident
LivaNova says it’s the latest victim of a cybersecurity incident. The London-based device developer disclosed the cybersecurity incident in a Securities and Exchange Commission filing this week, saying the incident disrupted portions of its information technology systems and business operations. “Promptly after detecting the issue, the company began an investigation with assistance from external cybersecurity […]
Henry Schein confirms data breach, details financial impact of cyberattack
Henry Schein warned customers and suppliers today that their sensitive information may have been exposed in a cyberattack. The medical device manufacturer and distributor first disclosed the cyber security incident on Oct. 15. Then, this month, a ransomware gang known as BlackCat/ALPHV said they encrypted the company’s systems and stole 35 TB of sensitive data. […]
Cyber gang threatens to release Henry Schein data in ransomware attack
A cyberattack group known as BlackCat is threatening to release Henry Schein data unless the medical device manufacturer and distributor pays a ransom. BlackCat (also known as ALPHV, both named after the ransomware of the same name) said they’ve encrypted Henry Schein’s systems after failed negotiations with Coveware, which describes itself as “ransomware recovery first […]
BD discloses 8 cybersecurity vulnerabilities with Alaris infusion system
BD today voluntarily posted a product security bulletin for a number of vulnerabilities with its Alaris infusion system. Franklin Lakes, New Jersey-based BD recently identified eight vulnerabilities. These vulnerabilities are associated with the BD Alaris system with Guardrails Suite MX, versions 12.1.3 and earlier. The company discovered the vulnerabilities through routine internal security testing as […]
CISA warns on cybersecurity vulnerability for Medtronic cardiac device data workflow system
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a warning on the Medtronic cardiac device data workflow system. This vulnerability affects Paceart Optima systems, versions 1.11 and prior. CISA lists the vulnerability as the deserialization of untrusted data, “exploitable remotely” with “low attack complexity.” The agency says successful exploitation could result in a remote […]
Zoll data breach affects more than 1 million people
More than 1 million people may have had personal data compromised during a recent hacking of Zoll Medical’s systems. That’s according to a notice that Zoll filed with Maine’s attorney general, one of a number filed with federal and state agencies since the data breach in late January. Operated out of Massachusetts, Zoll is an […]
BD issues vulnerability warning for Alaris infusion monitoring software
BD (NYSE:BDX) today issued a voluntary notification regarding cybersecurity vulnerabilities with its Alaris Infusion Central software. Alaris Infusion Central, a standalone software — separate from pumps — provides data from the Alaris pumps. It allows healthcare providers to monitor infusion data sent from Alaris Plus and Alaris neXus pumps on a computer. Alaris Infusion Central […]
Glooko picks up security certification for diabetes patient management platform
Glooko announced today that it received ISO 27001 certification for its data management and remote patient monitoring platforms. Palo Alto, California-based Glooko develops remote patient monitoring and chronic care management products. These include data management technologies for insulin delivery devices. ISO 27001, an international compliance framework, serves as the international security standard for protecting customer […]
How BD is getting more proactive about medtech cybersecurity
Medtech giant BD today detailed how it has taken proactive steps to ensure medtech cybersecurity in an increasingly critical environment. “Medical device cybersecurity has become more critical than ever as the number of smart, connected devices grows and healthcare expands into more care settings, including patient homes,” said Rob Suárez, the company’s chief information security […]