Cyber Incident Victim: Mediplast
Date:
Mar 2024
Location:
Sweden
Summary
A cyberattack targeting Mediplast, a supplier of surgical consumables and medical equipment, disrupted operations for its customers including a regional healthcare provider. The attack risks delivery delays for critical supplies like surgical underlays and specialized operation materials, prompting the affected healthcare entity to activate emergency protocols. While existing inventory mitigates short-term shortages, the organization is assessing priority needs, evaluating substitute products, and exploring alternative suppliers to minimize care disruptions. Ongoing coordination with Mediplast continues amid expectations of prolonged issues, with the healthcare provider also initiating a review of cybersecurity requirements for suppliers following repeated incidents involving vendor IT attacks.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On March 1, 2024, Region Västerbotten activated a regional emergency management stance following confirmed cyberattacks targeting Mediplast, a critical supplier of medical consumables. The attack disrupted Mediplast's IT systems, directly impacting its ability to fulfill orders for surgical supplies essential to the region’s healthcare operations. These supplies included specialized products used during surgeries, such as operating table underlays and other procedure-specific materials. Region Västerbotten confirmed continued access to its standard ordering systems but anticipated significant delivery delays due to Mediplast’s compromised operational capacity. Immediate measures included inventory assessments of existing stockpiles to prioritize high-demand items and identify potential substitutes from equivalent alternative products. Healthcare officials emphasized maintaining service continuity by evaluating secondary suppliers for critical items while avoiding immediate care disruptions due to available reserves.
Region Västerbotten’s incident response focused on logistical coordination, maintaining direct communication with Mediplast to monitor restoration timelines, with initial estimates suggesting system disruptions could persist for several days. Short-term operational stability was deemed manageable due to existing inventory buffers, but contingency planning intensified for scenarios involving prolonged outages. The region’s procurement and logistics leadership highlighted the need to reassess cybersecurity requirements for supplier contracts, noting this marked the second recent cyber incident affecting a critical vendor. No specific threat actor or attack vector was disclosed, and investigations remained ongoing through collaborative supplier-region engagements. Impact assessments were confined to supply chain delays without evidence of data compromise or direct healthcare service interruptions at regional facilities.