CardioComm, a provider of ECG monitoring devices, confirms cyberattack downed its services | TechCrunch

CardioComm, a provider of ECG monitoring devices, confirms cyberattack downed its services
Carly Page@carlypage_ / 1:35 PM GMT+1•July 26, 2023
Comment
Electrocardiogram (ECG) trace. An ECG measures the electrical activity of the heart.
Image Credits: Science Photo Library (opens in a new window)/ Getty Images
CardioComm Solutions, a Canadian provider of consumer and professional-grade heart monitoring technologies, has been downed by an ongoing cybersecurity incident.

The Toronto-based organization said on Tuesday that its business operations will be “impacted for several days and potentially longer” following a “cybersecurity incident on the Company’s servers.” At the time of writing, CardioComm’s website is unavailable and displaying a text-based message advising customers that the company is “experiencing down time [sic] to our services.”

The message confirms that a number of CardioComm’s products are affected by the outage, including HeartCheck CardiBeat, a handheld electrocardiogram (ECG) monitor that connects to a users’ smartphone via Bluetooth, enabling consumers to transmit results to a physician, clinic or CardioComm’s SMART monitoring ECG reading service.

Other affected services include its Global Cardio 3 software, which is used in the medical diagnostic industry to record patient ECGs and create ECG reports; and CardioComm’s Home Flex software that allows consumers to upload and share their heart readings.

The full extent of the outage is not yet known, nor its impact on consumers that rely on these devices for at-home testing. CardioComms CEO Etienne Grima has not yet responded to TechCrunch’s questions.

CardioComm has not shared any further details about the nature of the security incident, but said it’s currently working to restore its data and to reestablish its production server environments, suggesting the company may have been hit by a destructive event, like a ransomware attack.

CardioComm said that there is no evidence that customers’ health information was compromised as a result of this attack, but added that it has initiated identity theft precautions should its investigation determine that any employee personal information has been compromised.