Exactech, a global medical device company specializing in implants and surgical instruments, has fallen victim to a data breach that occurred in April 2023, exposing the personal information of individuals. The company discovered unusual activity on its computer network during this period and subsequently conducted an investigation, revealing that certain files were likely downloaded without authorization between April 4th and 20th. The compromised data encompasses a range of sensitive information, including names, Social Security numbers, financial details, credit/debit card information, health insurance and medical data, usernames, emails, passwords, and other personal particulars. Although the exact number of victims was not specified, a data breach notification submitted to the Office of the Maine Attorney General indicated that 4,230 individuals were affected.
Exactech promptly took measures to identify potentially affected individuals and has initiated contact with them by mailing written notices. The company notified federal law enforcement and relevant regulatory authorities about the breach and affirmed that, as of the current investigation, there is no evidence of personal information being misused beyond the initial unauthorized download. While urging affected individuals to remain vigilant, Exactech advises them to monitor account statements and leverage free credit reports to identify any suspicious activity or errors. This incident underscores the ongoing challenges and risks organizations face in safeguarding sensitive personal data against cyber threats and the importance of proactive measures to mitigate potential impacts on individuals affected by such breaches.
Reference:
