Medtronic Data Breach

4 Likes

The guys say this…

from MiniMed:
* The incident does not impact MiniMed systems or MiniMed customer data.
* There is no impact to MiniMed products or patient care.
* Medtronic has confirmed there is no disruption to operations or the ability to support patients.

I think there was an official statement made.

1 Like

These things are regularly reported. An early third party report, which does not give an references or quote any sources, is here:

Medtronic’s page is here:

The Medtronic news release was apparently April 24 (second entry in the above page).

My reading is that they released a mass of PII including the normal stuff (name, social, etc) but also apparently health data (so HIPAA) that they had recorded. I assume that SkinnyDippers had found their database of pump records (insulin delivery, BG etc) but of course I don’t know.

The PII stuff is routiine; surely everyone knows my social by now? The health data, if I interpreted the lawyerly text correctly, is more serious.

It’s weird because common sense says that logs of individual activity (insulin basal, bolus, BG) should be retained in a separate database either disconnected from individual PII or using a key stored in a third, secure, location so that the health data cannot be tied back to a personally identifiable individual.

Anyway, anyone affected can get a free 24 months of spam from Equifax, Experian, TransUnion and, of course Expletive. A most valuable addition to the excellent spam from Google, FaceBook and Twitter.

I wonder how much data SkinnyDippers actually got and whether all Medtronic’s competitors have got their bitcoin out to buy some, or all, of it.

[Author’s note: the author retains copyright of this message and places it in the Public Domain for use as others see fit. Insofar as this information contains the author’s PII the author permits any and all use of that PII in comments, communication and any other matter that the Federal government may encounter. Any references to entities real or imaginary are entirely ironic and the author’s knowledge of anything that happens IRL is less than any reader’s.]

I’m paranoid about this now because there’s been a big run of cyber criminals stealing people’s homes. It’s been bad out there latley.

Healthcare data is the most common source of hacked data that leads to identify theft because they have EVERYTHING. I just handled one of these events and it was nightmarish. It took a full 2 weeks of work to handle it.

I’m hiding some info inside this post.

Did I tell you that I bumped into the person who made the decision to shut down Tu? I did. It was enlightening. But I’m not gonna talk about it because I don’t think anyone would love what she said. I addressed misconceptions. Just know that.