Intuitive disclosed late last week that it was impacted by a ‘targeted cybersecurity phishing incident’ yet emphasised that neither its operations nor its ability to support customers had been adversely impacted.
According to the medtech giant, upon discovery of the incident, the date of which the company did not specifically disclose, Intuitive “quickly activated” its incident response protocols and secured all affected applications.
Go deeper with GlobalData
Discover B2B Marketing That Performs
Combine business intelligence and editorial excellence to reach engaged professionals across 36 leading media platforms.
Intuitive noted that its da Vinci, Ion and digital platforms were not impacted by the incident and continue to be safe and operational. Da Vinci and Ion are both types of robotic systems used in surgeries and biopsies.
Elaborating further, the company said in a statement: “Intuitive’s network infrastructure is segmented. The networks and infrastructure that support our internal IT business applications, our manufacturing operations, and our da Vinci and Ion platforms and digital products are separate.
“Hospital customer networks remain separate from Intuitive networks and are secured and managed by customers’ IT teams, therefore they are also unaffected.”
According to Intuitive, the information accessed was obtained from an employee’s compromised access into its internal business administrative network. Whilst not disclosing exact statistics, Intuitive stated that ‘some’ customer business and contact information, along with Intuitive employee and corporate data, was accessed.
US Tariffs are shifting - will you react or anticipate?
Don’t let policy changes catch you off guard. Stay proactive with real-time data and expert analysis.
By GlobalDataIntuitive concluded by informing customers that it remained in the process of investigating the incident and had notified the appropriate data privacy regulators. The company added that it would share any future updates regarding the incident ‘as appropriate’.
Intuitive’s cybersecurity incident follows a cyberattack on Stryker that impacted its global operations. The attack began in the early hours of 11 March, with Stryker’s headquarters in Cork, Ireland the first site affected by the incident.
Iran-linked hacktivist group Handala claimed responsibility for the cyberattack, claiming in posts on social media platform X and chat service Telegram that it was carried out in retaliation for a missile strike on the Minab school in Southern Iran and in response to the ongoing cyber assault against Iran and its allies.
In a Form 8-K filed with the US Securities and Exchange Commission (SEC), Stryker said the incident caused, and is expected to continue to cause, “disruptions and limitations of access to certain of the company’s information systems and business applications supporting aspects of the company’s operations and corporate functions”.
