Healthcare device firm Medtronic is notifying affected customers about a data breach that exposed their personal data to an unauthorized third party.
The company previously confirmed that its IT systems were compromised by hackers, and the infamous data extortion group ‘ShinyHunters’ claimed the attack.
The threat actor said that they were holding 9 million Medtronic records with personally identifiable information (PII) and internal corporate data.
“On April 15, 2026, Medtronic became aware of unusual activity on certain corporate IT systems,” reads the company's notification sample.
“Medtronic launched an investigation with the assistance of leading third-party cybersecurity experts to determine the impact and scope of the incident.”







