INTUITIVE , a United States-based robotic surgery company known for the da Vinci Surgical System and Ion endoluminal system, disclosed a data breach resulting from a targeted phishing attack. According to Security Affairs, threat actors used a compromised employee account to access internal systems, exposing customer contact details, employee data, and corporate information.
The firm says it quickly activated incident response protocols and secured all affected applications, with its da Vinci, Ion, and digital platforms remaining unaffected and its network segmented to keep internal IT systems, manufacturing, and surgical platforms separate. Intuitive noted that hospital networks remain independent and secure, and operations and customer support continue as usual.
The company has not disclosed the attack timeline or the number of impacted individuals, and, at the time of reporting, the incident was fully contained and not expected to materially affect business or finances, with regulators already notified. The notice also states that information from certain internal IT business applications was accessed by an unauthorized third party as a result of the targeted cybersecurity phishing incident.