[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fkpcvxlDHi6eJ_fJftBf-ja147987aqmlCzRboSs7YO8":3},{"article":4,"iocs":42},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":24,"category":25,"article_tags":29},"745a2f8e-4d21-4dfc-a425-5971e5186ce2","Medtronic Data Breach Impacts 3.8 Million People","medtronic-data-breach-impacts-3-8-million-people-3c0f3b","Medical technology giant Medtronic is notifying more than 3.8 million individuals that their personal and medical information was compromised in a recent data breach. The incident occurred in April 2026, when the infamous extortion group ShinyHunters accessed the company’s corporate IT systems. Medtronic confirmed the attack in late April, noting that its products and manufacturing […] The post Medtronic Data Breach Impacts 3.8 Million People appeared first on SecurityWeek.","Medical device manufacturer Medtronic disclosed a data breach affecting 3.8 million individuals after ShinyHunters accessed its corporate IT systems in April 2026. The threat group claimed to have stolen over 9 million records and terabytes of corporate data, posting the company on its Tor-based leak site before subsequently removing it, suggesting a possible ransom payment. Compromised information includes names, contact details, dates of birth, Social Security numbers, and health-related details; Medtronic is offering 24 months of credit monitoring and identity theft restoration services.","ShinyHunters breached Medtronic, compromising 3.8M individuals' personal and medical data in April 2026.","Medical technology giant Medtronic is notifying more than 3.8 million individuals that their personal and medical information was compromised in a recent data breach. The incident occurred in April 2026, when the infamous extortion group ShinyHunters accessed the company’s corporate IT systems. Medtronic confirmed the attack in late April, noting that its products and manufacturing and distribution operations were not affected. ShinyHunters had added the company to its Tor-based leak site on April 17, claiming the theft of over 9 million records of personal information, and terabytes of corporate data. The group has since removed Medtronic from the website, which suggests that the company might have paid a ransom to recover the stolen information. This week, the medical technology titan started sending written notification letters to the affected individuals, confirming that the hackers stole patients’ personal and medical information, including names, contact details, dates of birth, Social Security numbers, and health-related details.Advertisement. Scroll to continue reading. “We have no evidence that any of that information was posted publicly or exposed on the internet,” reads a copy of the company’s notification letter (PDF) submitted to the California Attorney General’s Office. Medtronic told the Indiana Attorney General’s Office that 3,834,294 individuals were affected by the incident. The company is providing them with 24 months of free credit monitoring, dark web monitoring, and identity theft restoration services. “Medtronic has implemented additional safeguards and continues to work with third-party cybersecurity experts to identify opportunities to further strengthen the security of its systems. Medtronic has also worked with law enforcement and is notifying relevant regulatory authorities,” the company said. Related: Aflac Japan Data Breach Impacts 4.38 Million Related: Nissan Employee Data Breached in Oracle PeopleSoft Hack Related: More Klue Breach Victims Identified as Hackers Get Hacked Related: Xsolis Data Breach Affects 1.4 Million Individuals Written By Ionut Arghire Ionut Arghire is an international correspondent for SecurityWeek. Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights. More from Ionut Arghire ‘BioShocking’ Attack Tricks AI Browsers Into Stealing CredentialsCISA Warns of Actively Exploited Microsoft SharePoint VulnerabilityMicrosoft Adds New Teams Controls to Block Unauthorized AI Bots From MeetingsAdobe Patches Critical ColdFusion, Campaign Classic VulnerabilitiesCitrix Patches NetScaler Vulnerabilities, Including New ‘HTTP\u002F2 Bomb’ AttackApple Patches Dozens of Vulnerabilities Across iOS, macOS, and SafariDawnguard Raises $6.3 Million for Security Architecture Automation PlatformMassive Password Spray Campaign Targeting Azure CLI Latest News Alleged Scattered Spider Hacker Extradited to USGoogle, FBI Disrupt NetNut Residential Proxy Network Powered by Millions of DevicesCritical Cursor AI Code Editor Flaws Could Lead to OS-Level Remote Code ExecutionNew CitrixBleed Vulnerability Exploited Immediately After Public DisclosureHow to Conduct a Successful Audit of AI-Driven Software DevelopmentFortiBleed Campaign Linked to INC, Lynx Ransomware AttacksTrump Administration Lifts Restrictions on Anthropic’s Claude Models After Cybersecurity AlarmCisco Confirms In-the-Wild Exploitation of Unified CM Vulnerability Trending Daily Briefing NewsletterSubscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Why Email Security Keeps Failing (And What Has to Change) July 8, 2026 Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more. Register Virtual Event: 2026 Cloud Security Summit July 16, 2026 This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments. Register People on the MoveJames Phillips has been promoted to the role of Vice President, Cybersecurity Risk Management at AT&T.Rafal Los has joined Binary Defense as Chief Strategy Officer.Tracey Mustacchio has joined Everfox as Chief Marketing Officer.More People On The MoveExpert Insights How to Conduct a Successful Audit of AI-Driven Software Development As AI-generated code becomes commonplace, CISOs need new audit strategies to measure developer practices, govern AI tool usage, and identify software risks before they reach production. (Matias Madou) Frontier AI: Six Questions Every Enterprise Should Ask Security Vendors From model selection and automation to validation and measurable results, the right questions can help enterprises separate genuine AI capabilities from marketing hype. (Joshua Goldfarb) The AI Token Costs That Can Break Cybersecurity As cybersecurity platforms embrace agentic AI, organizations must balance detection performance against the escalating costs of token consumption, deployment architecture, and AI credits. (Danelle Au) When Information Becomes the Attack Surface – Understanding AI Agent Traps From hidden content injections to cognitive state poisoning, attackers are turning trusted data sources into traps for autonomous AI. (Etay Maor) What the Latest ShinyHunters Breaches Reveal About Modern Cyberattacks Groups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage. (Torsten George) Flipboard Reddit Whatsapp Whatsapp Email","https:\u002F\u002Fwww.securityweek.com\u002Fmedtronic-data-breach-impacts-3-8-million-people\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2023\u002F01\u002FCybersecurity_News-SecurityWeek.jpg","2026-07-03T10:00:00+00:00","2026-07-03T10:00:26.908396+00:00",8,[18,21],{"name":19,"type":20},"Medtronic","vendor",{"name":22,"type":23},"ShinyHunters","threat_actor","2e06f76c-d5b9-4f54-9eef-4d3447b10730",{"id":24,"icon":26,"name":27,"slug":28},null,"Breaches","breaches",[30,32,37],{"category":31},{"id":24,"icon":26,"name":27,"slug":28},{"category":33},{"id":34,"icon":26,"name":35,"slug":36},"614132b8-5837-4952-b8b5-c6c9a32a1d85","Privacy","privacy",{"category":38},{"id":39,"icon":26,"name":40,"slug":41},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[]]