A leading manufacturer of cardiac implants and devices has revealed that it was hit by a ransomware attack back in November.
Artivion makes stent grafts, heart valves, prosthetics and other products to help cardiac and vascular surgeons perform life-saving operations.
However, the firm admitted in an SEC Form 8-K filing on Monday that it suffered a serious “cybersecurity incident” on November 21.
Although the company didn’t refer to ransomware specifically, the incident bears all the hallmarks of such an attack, as it apparently “involved the acquisition and encryption of files.”
Artivion claimed that the breach has not, and “is not reasonably likely to have,” a material impact on its finances or operations. However, it revealed a certain amount of near-term disruption.
“The company continues to provide its products and services to customers, but the incident has caused disruptions to some order and shipping processes, as well as to certain corporate operations, which have largely been mitigated,” it noted in the filing.
“The company has and will continue to incur expenses related to its response to this incident, and the company believes it has adequate insurance coverage. However, the company believes that it will incur additional costs that will not be covered by insurance. The company remains subject to various risks due to the incident, including the impact of delays in restoration, and, as a result, cannot provide assurances that the incident will not be determined to have a material impact in the future.”
According to the filing, Artivion was forced to take some systems offline following discovery of the breach. It also engaged external legacy, security and forensics professionals to assist in the aftermath.
It’s unclear how many files were encrypted and/or stolen by its attackers.
“The company is working to securely restore its systems as quickly as possible and to evaluate any notification obligations,” the company said.
Healthcare organizations remain popular target for ransomware actors given the large volumes of sensitive information they hold and the need for continuous uptime.
More than a fifth (21%) of ransomware attacks targeted the sector in the past 12 months, up from 18% in the previous year, according to a Barracuda study published in August.