Cyber Incident Victim: Zoll Medical

The Zoll Medical Corporation data breach occurred between November 8, 2022, and December 28, 2022, when unauthorized actors exploited a zero-day vulnerability (CVE-2023-34362) in Progress Software's MOVEit Transfer solution. This third-party managed file transfer application contained protected health information (PHI) and personally identifiable information (PII) belonging to Zoll Medical patients and customers. The threat actors gained access to files stored on the MOVEit server through this security flaw, which allowed them to exfiltrate sensitive data without proper authorization. Zoll Medical discovered the intrusion on January 2, 2023, during routine system monitoring, prompting an immediate investigation with cybersecurity experts to determine the breach scope.

The compromised data included full names, addresses, Social Security numbers, dates of birth, and medical information such as patient diagnoses and treatment details. Zoll Medical confirmed the breach affected 1,004,443 individuals across multiple U.S. states, making it one of the largest healthcare-related incidents stemming from the MOVEit exploitation campaign. The organization began issuing breach notifications to affected parties on January 25, 2023, and submitted mandatory reports to the U.S. Department of Health and Human Services (HHS) and the California Attorney General's office by February 2, 2023. As part of its remediation efforts, Zoll Medical offered 24 months of complimentary credit monitoring and identity theft protection services through Kroll. The company also implemented enhanced security measures on its third-party file transfer systems and conducted a comprehensive review of all vendor-managed infrastructure. No evidence of data misuse was identified during the investigation, though the stolen information remains potentially exploitable for identity fraud purposes.