SEC Report that Hackers stole Heart Monitoring Data and made a Ransomware Demand!

HealthCareInfoSecurity.com reported that “Cardiac monitoring firm iRhythm told US federal regulators that sensitive patient information and "proprietary" data was stolen in a recent hack. A cardiac monitoring firm that helps millions of patients diagnose and track cardiac arrhythmias says hackers stole proprietary data and patient health information and demanded a ransom. The company didn't say whether it paid.” The June 17, 2026 article entitled " Heart Monitoring Firm Tells SEC Hackers Stole Sensitive Data” (https://tinyurl.com/4e86bh55) included these comments:

 San Francisco-based iRhythm Technologies told the U.S. Securities and Exchange Commission that hackers stole the data from "certain" third-party-hosted business applications. An SEC filing on Monday said the company discovered "unauthorized activity" on the hosted systems on June 8.

The following day, iRhythm received demands from a threat actor for an undisclosed payment in exchange for not publicly releasing the stolen data, including proprietary data, patient protected health information and other personal information, the company said.

"On June 10, the company determined that the incident is material in light of the volume of the potentially affected data," iRhythm told the SEC.

The company in a public statement about the incident posted on its website said it has not identified "any impact" to its products, clinical or medical device systems, connections to customers, manufacturing and distribution operations, or patient safety.

"We do not store or retain individual financial account information or payment card information," iRhythm said.

Anyone surprised?