When you’re a patient at a hospital, it goes without saying that you want your private information to be secure. After all, when it comes to data that needs to be protected, there are few things more privileged than personal health information. But unfortunately, it’s not always the case that that data remains sealed, as a recent breach of a medical device maker illustrates.
Medtronic Admits to Breaches that Occurred Last Year
Medtronic is the biggest name in its field. But that didn’t stop it from experiencing two separate breaches, according to Reuters. One of those incidents reportedly involved the compromising of patient records from the company’s diabetes division. Those records were lost, and the company says it’s been unable to locate them despite its best efforts.
In a filing to the Securities and Exchange Commission, Medtronic stated that, “Medtronic, along with two other large medical device manufacturers, discovered an unauthorized intrusion to our systems that was believed to originate from hackers in Asia,” according to TweakTown.
However, this Asia-based attack is not the incident that resulted in the loss of patient records.
Reporting a malicious incursion — let alone two — always spells bad news for a company, but in Medtronic’s case, the shame of revealing the attacks is only compounded by the fact that the intrusions took place last year. When it comes to company security, this incident provides a case study in what not to do. In a world rife with virtual crime, failing to properly guard against attackers could be the last move your business makes.