Multinational company Omnicell recently confirmed that it had experienced a data breach following a reported ransomware attack, impacting internal systems.
The company, headquartered in Mountain View, California, USA, learned of the ransomware attack, which it disclosed on May 9 2022 in a 10-Q filing with the Securities and Exchange Commission. More details are likely to be disclosed in the coming weeks.
In the company’s quarterly 10-Q filing, Omnicell stated: “Our IT systems and third-party cloud services are potentially vulnerable to cyber-attacks, including ransomware, or other data security incidents, by employees or others, which may expose sensitive data to unauthorized persons. On May 4, 2022, we determined that certain of our information technology systems were affected by ransomware impacting certain internal systems.”
The company expanded to detail the possible damage of the breach: “Data security incidents could lead to the loss of trade secrets or other intellectual property, or to the public exposure of sensitive and confidential information of our employees, customers, suppliers and others.”
As of May 17, Omnicell has not posted official notice of the breach on its website. However, more information about the Omnicell breach is expected to be made available as the investigation continues.
Various reports this year have highlighted the cyber risks that US healthcare providers are facing. This month, Oklahoma City Indian Clinic (OKCIC) announced that it experienced a data breach exposing personally identifiable information (PII) of nearly 40,000 individuals.
In March of 2022, US Senators proposed a new bill, known as the Healthcare Cybersecurity Act (S.3904), following a White House warning over the increased risk to American healthcare providers from cyber-threats stemming from Russia.