Medtronic Inc. admitted on Friday to losing some patient records last year, after two separate cyber attacks compromised their information database.
The medical device company reported in a filing at the U.S. Securities and Exchange Commission that hackers from Asia were able to enter their system and steal some diabetes patients' records. The company was uncertain of the types of information compromised during the attacks. The data were not disclosed publicly, but they could not retrieve them anymore.
"While we found no evidence of a breach or inadvertent disclosure of the patient records, we were unable to locate them for retrieval," the document said, quoted by Reuters.
Aside from Medtronic, there were two other companies that lost some data. The U.S. Department of Health and Human Services is currently reviewing the security practices of the company to find out if it failed to adhere to the security policies.
"We received inquiries from some State Attorneys General regarding whether notification to patients was necessary, and provided them information about our analysis and conculsions that patient data was not affected," the company said in the filing, quoted by Fox Business.
Medtronic clarified that the company remained committed to protecting the privacy of their patients' data in compliance of the HIPPA rules.
The HIPPA rules aim to assure patients that their health data is remains secured while using them to improve the quality of health care of the public. It also states how and when the information should be used upon approval of the patients.
Medtronic believes that the stolen data won't greatly affect the performance of the business, but the company is prepared for possible lawsuits that might be filed because of the security breach.
Medtronic's shares dropped by one percent after the breach and closed at $63.89 in mid-day trade on Friday.
