A Minnesota-based medical device company, Surmodics, reported it suffered a significant cyberattack on the fifth of June. The attack forced the prominent medical device manufacturer to shut down parts of its critical information technology system. The company’s IT team discovered unauthorized access in its network and immediately took many of its systems offline. Surmodics is the largest United States provider of outsourced hydrophilic coatings used on many types of medical devices. Law enforcement has been notified about the incident, according to a recent filing with the U.S. Securities and Exchange Commission.
Surmodics said it has partially recovered from the attack with the help of some third-party cybersecurity experts.
However, the company is still analyzing the full scope and details of the IT data stolen by the hackers. While many of the company’s “critical” IT systems have now been restored, some systems are still being worked on. The hackers who are behind this attack have not yet publicly come forward to claim any responsibility. Surmodics has cyber insurance, which the company expects will cover most of the costs associated with the cyberattack.
During the disruption, the company had to use alternative methods to accept its customer orders and ship products. The company remains subject to various risks due to this cyber incident, including potential future legal litigation. Other risks include a diversion of the company’s management’s attention and possible changes in normal customer behavior. The company is also likely to face increased regulatory scrutiny from government agencies as a result of this.
Surmodics’ concern about potential litigation comes as companies increasingly face class action lawsuits related to data breaches.
The medical device company reported $28 million in revenue during its last quarter before the cyberattack occurred. The company is also in the midst of a federal court case filed by the Federal Trade Commission. The FTC is attempting to stop a private equity firm’s attempt to purchase Surmodics for $627 million. The government is trying to stop the sale because it would combine the two largest manufacturers of these coatings. This incident highlights the significant operational and financial risks that cyberattacks pose to publicly traded manufacturing companies.
Reference:
