iRhythm Holdings disclosed a data breach after attackers stole patientsβ personal and health information from third-party-hosted business applications and attempted extortion. The company said the intrusion was carried out through social engineering, affected no clinical or medical device systems, and was not yet attributed to a named threat group. #iRhythmHoldings #NovoNordisk
Keypoints
- iRhythm Holdings confirmed a breach involving patient personal and health information.
- Attackers accessed third-party-hosted business applications through social engineering.
- The company received a ransom demand on June 9, 2026.
- iRhythm said clinical systems, medical devices, and financial systems were not affected.
- Novo Nordisk also reported a separate breach involving clinical trials data.