Intuitive Surgical, a U.S.-based company specializing in robotics-assisted surgical systems, said that it was hit with a cyberattack.
WATCH: Preparing for the Inevitable Uptick in Iranian Cyberattacks on U.S. Manufacturers
The company said it determined that information from certain internal IT business applications was accessed by an unauthorized third party as the result of a targeted cybersecurity phishing incident. The information accessed was obtained from an employee’s compromised access, and it included some customer business and contact information, as well as Intuitive employee and corporate data.
"Upon discovery, we quickly activated our incident response protocols and secured all affected applications," the company said. "Our da Vinci, Ion and digital platforms were not impacted and continue to be safe and operational."
The security breach at Intuitive comes after Stryker, another U.S. medtech firm specializing in surgical and orthopedic applications, also suffered a cyberattack. The company last week said a targeted attack disrupted its global networks. The event, which was traced back to Iranian hacker group Handala, was contained to Stryker’s internal Microsoft environment, and as a result it did not affect any of the company's products—connected or otherwise.
The origins of the cyberattack on Intuitive are still unconfirmed.
Intuitive said its network infrastructure is segmented, meaning the networks and infrastructure that support its internal IT business applications, manufacturing operations, and da Vinci and Ion platforms and digital products, are separate. It also said that hospital customer networks remain separate from Intuitive networks and are secured and managed by customers’ IT teams, therefore they are also unaffected.
"There has been no impact on our operations or the work we do to support our customers," the company said. "Our robotic systems have their own security protocols and operate independently of our internal business network."
