Medical device firm UFP says backup data systems deployed following cyberattack
A large medical device manufacturer reported a cyberattack to federal regulators on Tuesday evening, warning investors that some company data was stolen or destroyed.
UFP Technologies filed a notice with the Securities Exchange Commission (SEC) explaining that the company discovered a cyberattack on February 14 that required it to isolate some IT systems, launch an investigation and eventually restore data using backups.
The company said it initially discovered suspicious activity before calling in assistance from outside cybersecurity experts.
The hackers involved in the incident, who have not come forward as of Wednesday, were removed from UFP Technologies’ systems, according to the SEC filing. Company officials are now able to access information affected by the attack “in all material respects.”
“The incident appears to have impacted many but not all of the Company’s IT systems and affected functions such as billing and label making for customer deliveries. Certain Company or Company-related data appear to have been stolen or destroyed,” the company said.
“Although the Company has ascertained that certain files were exfiltrated, it is still investigating the extent of any sensitive information contained in the accessed systems, including whether any personal information was exfiltrated.”
Massachusetts-based UFP Technologies said most of the costs associated with the incident will be covered by its cyber insurance.
UFP Technologies creates single-use and single-patient medical devices for minimally invasive surgery, infection prevention, wound care, orthopedic implants and more. The company reported $154.6 million in sales last quarter.
Medical device manufacturers like UFP Technologies have repeatedly warned the SEC over the last year of cyberattacks impacting their ability to fulfill customer orders. Masimo, Surmodics, Artivion and others have reported ransomware attacks and cyber incidents that damaged shipping processes and impacted their financial standing.
Jonathan Greig
is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.