Medtronic Confirms Cyberattack — ShinyHunters Claim 9 Million Patient and Corporate Records Stolen

Summary

Global medical device giant Medtronic has disclosed a cyberattack on its corporate IT systems. The prolific threat group ShinyHunters has claimed responsibility, alleging they exfiltrated approximately 9 million records from the company’s systems. Medtronic is currently evaluating the full extent of the data exposure.

This marks yet another high-profile target for ShinyHunters, who have been on a spree in recent weeks — claiming breaches at ADT, Instructure (Canvas LMS), and Vimeo (via vendor Anodot). The Medtronic breach is particularly concerning given the company’s role as one of the world’s largest medical device manufacturers, with products implanted in millions of patients globally. The types of data potentially exposed have not been fully disclosed, but medical device companies typically hold sensitive patient health information, device telemetry data, and proprietary engineering data.

Source

📰 Check Point Research — May 4th Threat Intelligence Report

Commentary

ShinyHunters are having a moment. Between ADT (5.5M records), Instructure (275M records), and now Medtronic (9M claimed), this group is operating at industrial scale. The Medtronic breach is especially alarming because medical device companies sit at the intersection of healthcare data (HIPAA-regulated) and critical infrastructure — their devices literally keep people alive.

The healthcare sector continues to be a prime target precisely because the data is valuable (for identity fraud, insurance fraud, and extortion) and because organizations in this space often lag behind in security maturity relative to the sensitivity of what they hold. If the 9 million figure holds up, this will be one of the larger healthcare-adjacent breaches of 2026.