Key Systems Restored After Masimo Cyberattack
Masimo has confirmed that it has made good progress recovering from the cyberattack it disclosed earlier this month. In its May 6, 2025, filing with the SEC, Masimo explained that the cyberattack had affected some of its manufacturing facilities, and was affecting its ability to process and fulfil orders; however, Masimo has now confirmed that its manufacturing facilities are working at near full capacity and its order taking and distribution and shipping systems are fully operational.
The cyberattack did result in some delays to customers’ orders; however, by optimizing its systems, Masimo has ensured that all delayed orders are processed in a timely manner, and the company does not anticipate the incident harming its ability to meet existing orders and seasonal demand. Masimo holds a cyber insurance policy and expects it to cover the majority of the out-of-pocket costs incurred remediating the cyberattack, and does not believe the cyberattack will have any material impact on its fiscal 2025 revenue, which is expected to remain in the range of $1.5 billion to $1.53 billion. Masimo has been focused on restoring systems after the cyberattack and is not yet in a position to confirm the extent of any data theft.
May 8, 2025: Patient Monitoring Device Manufacturer Recovering from Cyberattack
Masimo, a manufacturer of patient monitoring devices, filed a Form 8-K with the U.S. Securities and Exchange Commission (SEC) on Tuesday to alert investors about a cyberattack that has affected its manufacturing facilities. Masimo said some of its manufacturing facilities have been operating at less than normal levels since the attack, which is affecting the company’s ability to process, fulfill, and ship customer orders.
Masimo is a global manufacturer of patient monitoring devices, including blood oxygen saturation and pulse rate monitoring, blood constituent, brain and breath monitoring, and remote patient monitoring systems. The company’s devices are used by healthcare providers, physicians’ offices, EMS providers, long-term care facilities, and patients.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Unauthorized activity was identified within its on-premises network on April 27, 2027. Incident response protocols were immediately implemented, which include isolation of the affected systems to contain the incident. Third-party cybersecurity professionals have been engaged to assist with the investigation and recovery efforts, the incident has been reported to law enforcement, and Masimo is coordinating its response with them. Work is continuing to safely and securely bring the affected parts of its network back online.
Masimo said that the investigation is ongoing to determine the full scope, nature, and impact of the incident. At present, the incident appears to have only affected its on-premises IT environment. Its cloud-based systems do not appear to have been affected. In a quarterly earnings call, Masimo CEO Katie Szyman said the incident has affected the company website and several computer systems. While the investigation is ongoing and the full scope of the incident has yet to be established, Szyman said she does not expect the incident will have an impact on the company’s financial guidance. Further information on the exact nature of the attack has not been disclosed, such as whether ransomware was used. At this stage of the investigation, it is unclear if sensitive data was stolen in the attack.
