Cybersecurity provider MedCrypt raises $5.3M in series A round

The round was led by Section 32, with additional funding from Eniac Ventures and Y Combinator—which named MedCrypt as part of its Winter 2019 batch of startups. (Pixabay)

Medical device cybersecurity provider MedCrypt has raised $5.3 million in a series A round, with plans to expand its team with new sales and software engineering positions, while further developing its technology.

The San Diego-based company aims to encrypt data transmissions and secure access at the device level, as part of a platform that also offers remote monitoring and alerts of suspicious behavior. The round was led by Section 32, with additional funding from Eniac Ventures and Y Combinator—which named MedCrypt as part of its Winter 2019 batch of startups. In total, the company has raised $8.4 million, including previous seed money.

“Internet-connected medical technology is entering the market at light speed, calling for devices to be secure by design, which leads to a heightened level of patient safety at all times,” MedCrypt CEO and founder Mike Kijewski said in a statement.


Like this story? Subscribe to FierceBiotech!

Biopharma is a fast-growing world where big ideas come along every day. Our subscribers rely on FierceBiotech as their must-read source for the latest news, analysis and data in the world of biotech and pharma R&D. Sign up today to get biotech news and updates delivered to your inbox and read on the go.

RELATED: RefleXion Medical picks MedCrypt for data encryption

“We're thrilled to see continued support from various groups in the industry, from the government to healthcare institutions and device vendors, along with support from our partners to help us further develop our technology and expand our team," Kijewski added.

RELATED: Charles River Labs hit by 'well-resourced' data thief

The FDA has previously stated that it will begin requiring cybersecurity checks in medical device submissions and its product reviews. In addition, the agency said it would start to refuse to accept applications lacking certain cybersecurity documentation, following a report last September from the HHS inspector general’s office.

“Cybersecurity threats to networked medical devices are on the rise,” the inspector general’s office wrote at the time. “Researchers and hackers have demonstrated that the lack of security controls in these devices makes them vulnerable to cybersecurity attacks, such as ransomware and unauthorized remote access. Such attacks can affect not only a single patient but can also impact a hospital system and disrupt the delivery of healthcare.”

RELATED: IMDRF to launch new cybersecurity harmonization working group, criteria for accepting standards

Earlier this year, Medtronic disclosed cybersecurity flaws in some of its implantable cardiac devices, including defibrillators and resynchronization therapy hardware, based in its proprietary, short-range Conexus radio communication protocol. Before that, the medtech giant was forced to disable internet-based updates for some of its pacemaker programmers over concerns that individuals could hijack the updates and inject non-Medtronic software.

Suggested Articles

Avidity Biosciences is on a roll—after inking an R&D deal with Eli Lilly and hiring a new CEO, the company is reeling in $100 million.

What the NASH field needs, says Genfit CEO Pascal Prigent, is something like the Hb1Ac test for diabetes.

Dubbed “Project Nightingale,” the efforts were announced amid concerns and federal inquiries into the data’s safekeeping and patient consent for use.