Cyber Incident Victim: Medtronic
Date:
Apr 2026
Location:
United States of America
Summary
Medtronic began notifying individuals potentially affected by a cyberattack that was disclosed earlier, stating it has found no evidence the accessed data has been posted online and offering 24 months of credit monitoring, dark web monitoring and identity theft restoration services along with a dedicated call center. The company said the breach did not affect product security, patient safety, manufacturing or distribution operations and that it does not expect a material impact on its business or financial results. In April it reported that an unauthorized third party accessed data in certain corporate IT systems, though it has not disclosed the type of information involved. Other medtech firms such as Stryker, Intuitive Surgical and iRhythm also reported cyber incidents this year, with Stryker experiencing manufacturing and shipping disruptions, Intuitive Surgical noting a phishing event with no fraud reports, and iRhythm facing a ransom demand for allegedly stolen data.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 0 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In April 2026 Medtronic disclosed that an unauthorized third party had accessed data held in certain corporate IT systems, though the company did not specify the type of data involved. The incident was reported more than two months before Medtronic began notifying potentially affected individuals in early July 2026. At the time of the initial disclosure Medtronic stated that it did not expect to see a material impact on its business or financial results, a position reflected in its filing with the Securities and Exchange Commission.

On Monday July 2 2026 Medtronic posted an update on its website announcing that it had started to notify people who may have been affected by the cyberattack. The company said it currently has no evidence that the accessed data has been posted to the internet or otherwise exposed publicly. As part of its response Medtronic is offering 24 months of complimentary credit monitoring, dark web monitoring and identity theft restoration services to those individuals. It also established a dedicated call center to handle questions from affected parties. In the statement Medtronic emphasized that there is no identified impact to product security or patient safety, including the continued safe operation of its devices and delivery of intended therapy. The company further noted that there are no observed effects on its manufacturing and distribution operations or on its ability to meet patient and customer needs.
Medtronic is one of several medtech firms that reported cyber incidents during 2026. In March Stryker disclosed an attack that halted manufacturing and shipping operations for weeks, with CEO Kevin Lobo telling investors on a May earnings call that the incident had a big impact on results and affected each business differently. In the same week as the Stryker attack Intuitive Surgical reported a phishing incident that compromised customer and employee data, later stating in a June update that no fraud or identity theft had been linked to the breach and that there was no indication the accessed data was misused. iRhythm said last month that certain data was stolen from third‑party hosted business applications, noting that a threat actor claimed to have obtained proprietary information, patient protected health information and other personal data and demanded payment to avoid public disclosure, according to an SEC filing, though the company has not posted a public update on the incident.
