Olympus investigating 'potential cybersecurity incident' on American IT systems, its 2nd in a month

Olympus is investigating a possible cyberattack on its IT systems in the U.S., Canada and Latin America after detecting “suspicious activity” on Oct. 10, the tech giant said in a statement Tuesday.

Upon identifying the potential incident, the company said, “we immediately mobilized a specialized response team including forensics experts, and we are currently working with the highest priority to resolve this issue.”

In the meantime, the affected systems have been suspended, with Olympus saying its investigation so far indicates that the incident was contained only to its IT systems serving the Americas.

“We are working with appropriate third parties on this situation and will continue to take all necessary measures to serve our customers and business partners in a secure way,” the statement continued.

RELATED: FDA names its first medical device cybersecurity director

The suspected incident occurred almost exactly one month after Olympus reported another cyberattack. In that case, which was confined to its IT systems in Europe, the Middle East and Africa, the company again initially described the Sept. 8 attack as a “potential cybersecurity incident.”

In a follow-up statement on Sept. 14, however, Olympus confirmed that the incident was in fact “an attempted malware attack affecting parts of our sales and manufacturing networks in EMEA,” and said it had reported the attempt to relevant government authorities.

“According to the results of the investigation so far, no evidence of loss, unauthorized use or disclosure of our data has been detected,” Olympus said.

Before the company had acknowledged the incident, an unnamed source with knowledge of the incident told TechCrunch that it was a ransomware attack perpetrated by BlackMatter, a ransomware-as-a-service provider that is believed to be the second coming of DarkSide, which was responsible for the Colonial Pipeline hack earlier this year.

According to TechCrunch, a letter left in Olympus’ systems after the Sept. 8 attack read, “Your network is encrypted, and not currently operational.” It added, “If you pay, we will provide you the programs for decryption.”

RELATED: Medtronic taps IoT security startup Sternum to prevent pacemaker hacks

Cybersecurity is top of mind for medtech developers like Olympus as medical devices become increasingly “smarter” and are inextricably linked to online platforms chock-full of sensitive patient data.

Just this month, Medtronic expanded a 2018 recall of some of its MiniMed insulin pumps, which it found were vulnerable to potential hacks that could cause the pumps to deliver incorrect dosages of insulin. That action came a few months after the company hired cybersecurity provider Sternum to secure its Bluetooth-connected cardiac pacemakers. In both cases, Medtronic said it hasn’t received any reports that any of the devices had been hacked, but took the precautionary measures just in case.