Ransomware attack hits medical device manufacturer

LivaNova’s employees have been affected by a ransomware attack, which LockBit claims to be responsible for.

UK-based medical device manufacturer LivaNova has informed affected individuals that a “cybersecurity incident” affected the personal data of current and former employees.

The breached information includes:

  • Name
  • Telephone number
  • Email
  • Address
  • Social Security number
  • Date of birth
  • Financial account information
  • Health insurance information
  • Online credentials
  • Work-related information, such as employee ID, compensation, disability status, and evaluations

The company was hit by a ransomware attack that disrupted its IT systems on October 26th, 2023. The LockBit ransomware group has claimed responsibility for the attack. On December 9th, the gang published a notice on its website, claiming to have 2.2TB of the organization's data.

In its breach notification sent to affected individuals, LivaNova states that it “quickly took steps to protect its systems and data and to mitigate the impact of the incident, including shutting down certain systems and requiring personnel to change their passwords.”

The company is offering the affected individuals two years of identity protection and credit monitoring services free of charge.