September 29, 2023

A supplier of expertise for coronary heart monitoring and medical electrocardiograms confirmed on Wednesday that it was responding to a cyberattack on its techniques.

The web site for the corporate, CardioComm, was down as of Wednesday afternoon. The incident was first reported by TechCrunch.

The Canada-based firm sells merchandise for recording, viewing, analyzing and storing electrocardiograms (ECGs) for prognosis and administration of cardiac sufferers.

CardioComm notes on a short lived webpage that every one of its on-line companies had been down because it labored to resolve the problem. There’s a telephone quantity for these in want.

Representatives for the corporate didn’t reply to requests for remark about whether or not it was a ransomware assault. In a press release, CardioComm stated that the incident seems to be restricted to its personal servers.

“There is no such thing as a proof that clients’ well being info was compromised because of this assault since CardioComm’s software program is designed to run on every shopper’s personal server environments,” the corporate stated. “Additional, CardioComm doesn’t accumulate affected person well being info from its shoppers. The Firm has initiated identification theft precautions ought to any worker private info have been compromised to attenuate the influence on its workers.”

The corporate stated it’s launching an investigation with “related authorities” and cybersecurity consultants to find out the “supply and extent of any information breach.”

“CardioComm’s enterprise operations shall be impacted for a number of days and doubtlessly longer relying how rapidly the Firm is ready to restore its information and re-establishes its manufacturing server environments,” the assertion stated.

The short-term CardioComm webpage.

The merchandise affected embrace World Cardio 3 — which is used to document affected person electrocardiograms (ECGs), create ECG stories and ship them to docs — in addition to the corporate’s GEMS Flex 12 and GEMS Residence Flex add.

The outage additionally impacted The HeartCheck CardiBeat, a small handheld ECG monitor that may seize a variety of arrhythmias resembling tachycardia and atrial fibrillation. The machine won’t be able to document and add information, the corporate stated.

The GEMS Cell ECG app can also be unable to document and add information.

CardioComm is the primary firm to obtain Canadian and American medical machine clearances to promote handheld ECG screens on to shoppers.

Earlier this month, the Cybersecurity and Infrastructure Safety Company (CISA) warned of a extreme vulnerability in a cardiac machine from medical machine firm Medtronic.

In September, the FBI warned that lots of of vulnerabilities in extensively used medical units are leaving a door open for cyberattacks.

The FBI particularly cited vulnerabilities present in intracardiac defibrillators, cellular cardiac telemetry and pacemakers, noting that malicious hackers might take over the units and alter readings, administer drug overdoses, or “in any other case endanger affected person well being.”

Get extra insights with the

Recorded Future

Intelligence Cloud.

Study extra.

Jonathan Greig

Jonathan Greig is a Breaking Information Reporter at Recorded Future Information. Jonathan has labored throughout the globe as a journalist since 2014. Earlier than shifting again to New York Metropolis, he labored for information shops in South Africa, Jordan and Cambodia. He beforehand coated cybersecurity at ZDNet and TechRepublic.