Rotech Healthcare, a U.S.-based medical devices provider, is grappling with the aftermath of a cybersecurity breach linked to its partner, Philips’ Respironics unit. The breach came to light when Respironics identified a privacy incident on June 5, revealing that an unauthorized third party exploited software to access information stored on its server. The breach involved breathing devices and ventilators used to treat sleep apnea.
Upon discovery, Respironics swiftly secured its systems and initiated a thorough investigation. The breach, traced back to May 31, 2023, exposed files containing potentially sensitive patient information. Philips, the parent company of Respironics, confirmed that the incident involved MOVEit Transfer, a third-party software application used for transferring patient files containing therapy data. Rotech Healthcare is currently reviewing a patient list provided by Respironics, aiming to assess the extent of the impact and address potential risks.
The incident underscores the vulnerability of healthcare systems to cyber threats and emphasizes the need for robust cybersecurity measures to protect patient data and ensure the integrity of medical devices.
Reference:
