Manufacturer of Patient Monitors Continues Recovery After Cyber Attack

Masimo, a California-based manufacturer of patient monitoring devices, has disclosed to the U.S. Securities and Exchange Commission (SEC) that a recent cyberattack has significantly impacted its on-premises systems. This incident has disrupted key operations related to product manufacturing, fulfillment, and distribution.

In its communications, Masimo confirmed that unauthorized activity was detected within its on-premises network on April 27. Following this discovery, the company activated incident response protocols and took immediate measures to isolate affected systems. The ongoing investigation is aimed at evaluating, mitigating, and remedying the situation with the assistance of third-party cybersecurity experts, while law enforcement has also been notified.

During an earnings call following the attack, Masimo CEO Katie Szyman acknowledged the incident’s impact on the company’s operational capabilities, including its website and IT infrastructures. While indicating that this event is not expected to influence financial guidance significantly, Szyman emphasized the sensitivity of the situation, asking analysts to refer to the filed SEC report for further details.

The implications of such an attack raise crucial concerns for Masimo, which reported nearly $2.1 billion in revenue for 2024. The company produces a diverse range of monitoring technologies, such as blood oxygen saturation and pulse rate monitoring systems, which are essential for hospitals, emergency services, and many healthcare providers.

Industry experts suggest that the attack may have involved tactics such as initial access, which is often employed by adversaries aiming to infiltrate a network. Potentially, techniques such as data exfiltration or operational disruption could also have been utilized, prompting scrutiny regarding the integrity of products following such a breach.

Scott Weinberg, CEO of managed services firm Neovera, articulated the immediate concerns that a cyberattack poses for supply continuity, particularly for healthcare facilities relying on devices like pulse oximeters. Product integrity is another significant issue, as there is a possibility that critical software or calibration settings may have been compromised during the attack.

While the exact nature of the breach has not been disclosed by Masimo, the cybersecurity framework referenced by the MITRE ATT&CK Matrix implies that attackers may have utilized various adversarial techniques to achieve their objectives. Past incidents within the medical device sector, such as the ransomware attack on Artivion in 2024, highlight the risks posed by cyber threats to manufacturing and distribution capabilities.

As Masimo works to restore normal operations and ensure the security of its systems, the industry is reminded of the importance of robust cybersecurity strategies. Maintaining resilience in manufacturing and distribution chains is vital for organizations in this sector, especially given the critical nature of their services to public health.