Dive Brief:
- LivaNova disclosed that a cybersecurity incident has disrupted “portions” of its information technology systems and continues to cause problems.
- LivaNova, a medtech company that sells cardiac surgery and neuromodulation devices, is trying to mitigate the impact of the incident but warned investors it “has caused, and is expected to continue to cause, disruption.”
- News of the attack comes weeks after Henry Schein took some systems offline in response to a cybersecurity incident. The fallout from that incident dragged on for weeks and affected other companies that work with Henry Schein such as Dentsply Sirona.
Dive Insight:
LivaNova shared details of the cybersecurity incident in a Nov. 20 filing with the U.S. Securities and Exchange Commission. In the notice, LivaNova said it has “detected a cybersecurity incident that has resulted in a disruption of portions of its information technology systems” and said it is taking actions to stop the situation from damaging its business.
London-based LivaNova, which is coordinating with law enforcement, is investigating the incident with the help of external cybersecurity experts. At the time of the notice, LivaNova was still assessing “what information and systems were impacted” and executing a response plan that includes “remediation measures.”
“The company has and will continue to take actions to remediate the issue, such as taking certain systems offline. The incident, however, has caused, and is expected to continue to cause, disruption to parts of the company’s business operations,” LivaNova wrote in the notice.
LivaNova has yet to quantify the fallout of the incident, telling investors that it “cannot determine at this time the extent of the impact from such [an] event on its business, results of operations, cash flows or financial condition.”
Like other publicly traded companies, LivaNova lists cybersecurity incidents as a risk in its disclosures to investors. The company’s annual report, which was published in February, said “unauthorized persons routinely attempt to access our products or systems in order to disrupt, disable or degrade services, to obtain proprietary or confidential information, to make ransom demands, or to remotely disrupt or access the systems of large health care providers.”
At that time, LivaNova had not yet experienced any “material” attacks.