Zoll Suffers Massive Data Breach

Hackers got ahold of personal data on more than 1 million current and former patients who use Zoll's wearable defibrillator. The incident does not affect the safety or operation of Zoll's devices or software.

Amanda Pedersen

March 15, 2023

5 Min Read
Abstract modern tech of programming code screen with warning alert of system hacked. Virus, malware, cyberattack, and
Image credit: Peach_iStock / iStock via Getty Images

Zoll Medical recently reported a cybersecurity incident in which hackers got ahold of personal data on more than 1 million patients (current and former) who use the Zoll LifeVest wearable cardioverter defibrillator. A company spokesperson told MD+DI that the data breach does not affect the safety or operation of the LifeVest or any other Zoll medical device or related software.

The Chelmsford, MA-based company said it is in the process of notifying people whose information may have been affected by the incident. Matt Hogan, director of corporate communications at Zoll, said there is no indication that any patient data has been misused.

"We deeply regret any inconvenience or worry that this situation causes any of our LifeVest patients," Hogan said.

In a government filing, Zoll noted that a total of 1,004,443 people were impacted by the data breach, which occurred between January 28 and January 29. The filing notes that the breach was discovered on January 28, however the company just issued the data security notice on March 10. According to the notice, Zoll confirmed the breach on February 2.

Hackers were able to acquire patient names and other personal identifiers in combination with social security numbers.

For those whose social security numbers were affected by the data breach, Zoll is offering identity theft protection services through Experian IdentityWorks for 24 months. The protection is also being offered to current and former employees and their dependents for 36 months. These services include identity theft protection and restoration as well as credit monitoring.

Cybersecurity data breach: it's not if, it's when

Young male doctor sharing data is exposed to cybersecurity vulnerabilities. Health IT concept for network security, data breach, cyberattack.

Any cybersecurity expert will tell you it's not a matter of if your organization will experience a cyberattack, but when.

MD+DI has published a plethora of cybersecurity advice for medical device manufacturers over the years as these concerns have escalated with the increased use of connectivity in healthcare. In one such piece, published in 2021, Shannon Flynn writes about the two major cybersecurity challenges currently facing medical device companies.

The first challenge, Flynn writes, is that "the structure of modern networks increasingly nudges the odds in hackers' favor." A growing number of networked medical devices and larger global systems often makes it harder to effectively defend against attacks. A smart machine, the network it is connected to, and its applications can all provide an attack surface for hackers.

"The unique nature of some medical devices can also make them particularly hard to keep secure," Flynn writes. "Hospitals may have little room for downtime in equipment like smart patient monitors, which can make following a manufacturer patching schedule difficult. Implanted machines may be difficult or expensive to replace, making vulnerabilities in hardware or firmware much more challenging to manage."

The second challenge is a talent issue. Cybersecurity professionals are in short supply, and the industry has struggled to build an effective talent pipeline that can supply businesses with the experts they need. This talent gap is likely to last well into the future.

"At the same time, those professionals currently in the field are under growing pressure to manage the rise in cyberattacks with limited resources, It’s not uncommon for cybersecurity teams to struggle with burnout as a result," Flynn writes.

While the typical solutions to cyberattacks are still effective — like encryption and network monitoring — sometimes they aren’t enough.

More often, businesses are solving these challenges with automated solutions. They often help teams do more with their resources — improving efficiency and reducing the workload on cybersecurity professionals.

Cybersecurity Threat Prediction for Medical Devices

Medical device manufacturers looking for automated solutions in device security have considered one of the many ways AI is reshaping the healthcare industry — such as predicting cybersecurity threats. Such solutions use artificial intelligence or big data-enabled predictive analytics. Data gathered from the network, combined with historical security information, is analyzed by an algorithm that calculates the likelihood of future network events, like an attempted data breach.

At the same time, the user may apply cybersecurity tactics like the use of backups, a proactive measure that helps ensure critical data isn’t destroyed, even if an attack is successful.

This combination of tactics is different from some conventional cybersecurity approaches, which often involve after-the-fact responses to threats.

Once an attempted attack is detected, experts work to find out where it came from and how to prevent others like it in the future. Much of this defense is signature-based, meaning cybersecurity workers or on-device security technology will look for combinations of data that are unique to attacks.

Threat prediction goes one step further by using predictive analytics to proactively scan the network for vulnerabilities and attack vectors before hackers can target them.

The same algorithms continue to gather network data over time after they are deployed. This allows them to build a kind of self-learning system that can continuously develop new analyses on network vulnerabilities and hacker tactics. It also enables cybersecurity teams to go beyond signature-based defenses, allowing them to defend against attacks with unique signatures.

In practice, this tech has already been used for DDoS attack detection in IoT devices, Flynn writes. Experimental models found that the approach can detect these attacks with an accuracy rate of 97.16%.

These predictive algorithms could provide medical device manufacturers with protection and a valuable source of information on hacker behavior. Over time, this data could enable the development of more-effective on-device security technology, allowing companies to stay one step ahead of attackers looking to access patient medical data.

Using Threat Prediction to Defend Patient Data

The growing threat of cyberattacks means medical devices may become more difficult to protect over the next few years.

Because reactive cybersecurity strategies are becoming less workable, automated, and proactive methods may become essential to medical device manufacturers, Flynn points out. Approaches like threat prediction cybersecurity can help them prepare for attacks before they happen, reducing the risk of data breaches and unauthorized access of patient data.

About the Author(s)

Amanda Pedersen

Amanda Pedersen is a veteran journalist and award-winning columnist with a passion for helping medical device professionals connect the dots between the medtech news of the day and the bigger picture. She has been covering the medtech industry since 2006.

Sign up for the QMED & MD+DI Daily newsletter.

You May Also Like