CybersecurityJuly 6, 2026· via Security Affairs

Medtronic reveals data breach affecting 3.8 million patients

Medtronic reveals data breach affecting 3.8 million patients

Image : Security Affairs

Medtronic, the world’s largest medical device manufacturer, has notified 3.8 million patients that their personal and medical data was exposed in a cyberattack by the ShinyHunters extortion group. The company confirmed that while corporate IT systems were breached, its products, patient safety, and manufacturing operations remained unaffected.

A targeted intrusion with limited impact

Medtronic reported that an unauthorized party accessed certain corporate IT systems between April 13 and April 19, 2026. The company acted quickly, launching an investigation with external cybersecurity experts and containing the breach. Despite the intrusion, Medtronic emphasized that its product networks, manufacturing operations, and hospital customer systems remained separate and secure. “We have not identified any impact to our products, patient safety, connections to our customers, our manufacturing and distribution operations, or our financial reporting systems,” the company stated.

Data exposed, but no evidence of public leak

The stolen data may include names, contact details, dates of birth, Social Security numbers, and health information from patients with Medtronic devices. Medtronic is still assessing the full scope of the breach but has found no evidence that the data has been publicly released. The company is notifying affected individuals and offering support, as it continues to work with investigators to determine the extent of the exposure.

The attack came to light after ShinyHunters added Medtronic to its Tor data leak site in April, claiming to have stolen over 9 million records. The group initially demanded a ransom by April 21 but later removed Medtronic’s listing. While the breach raises concerns about patient privacy, Medtronic’s swift response and clear separation of critical systems suggest no disruption to device functionality or patient care.


Source: Security Affairs. AI-assisted editorial synthesis — TechnoExpress.

Read the original source on Security Affairs →

← Back to home