Artivion, a leading manufacturer of heart surgery medical devices, has disclosed a November 21 ransomware attack that disrupted its operations and forced it to take some systems offline.
The Atlanta-based company employs over 1,250 people worldwide and has sales representatives in more than 100 countries. It also operates manufacturing facilities in Atlanta, Georgia; Austin, Texas; and Hechingen, Germany.
"Artivion's response measures included taking certain systems offline, initiating an investigation, and engaging external advisors, including legal, cybersecurity, and forensics professionals to assess, contain, and remediate the incident," the company
revealed in a Monday 8-K filing with the U.S. Securities and Exchange Commission (SEC).
While Artivion hasn't directly mentioned ransomware in its SEC filing, it disclosed that the attackers encrypted some of its systems and stole data from compromised systems.
"The incident involved the acquisition and encryption of files. The Company is working to securely restore its systems as quickly as possible and to evaluate any notification obligations," it stated.
The company added that disruptions to its corporate operations, order processing, and shipping have mostly been addressed and that insurance coverage will cover the expenses related to incident response. However, Artivion believes it will incur additional costs not covered by insurance.
