Medical device company says shipping processes disrupted by ransomware attack

A company that makes products used in heart surgeries said its delivery systems have been disrupted by a pre-Thanksgiving ransomware attack.

Atlanta-based Artivion filed documents with the U.S. Securities and Exchange Commission (SEC) on Monday morning warning that the incident was having an impact on its operations. 

The company identified the cyberattack on November 21 and was forced to take some systems offline in response. 

“The incident involved the acquisition and encryption of files,” the company said in an 8-K filing. “The Company continues to provide its products and services to customers, but the incident has caused disruptions to some order and shipping processes, as well as to certain corporate operations, which have largely been mitigated.”

While some of the attack’s costs will be covered by cyberinsurance, Artivion said it “believes that it will incur additional costs that will not be covered by insurance.” 

The company also “remains subject to various risks due to the incident, including the impact of delays in restoration, and, as a result, cannot provide assurances that the incident will not be determined to have a material impact in the future.”

Outside cybersecurity experts have been hired to help with the recovery and Artivion explained that it is “working to securely restore its systems as quickly as possible and to evaluate any notification obligations.” 

No ransomware gang has taken credit for the incident as of Monday afternoon. 

The company, which reported $95.8 million in revenue for the most recent quarter, designs products used in cardiac and vascular surgeries. It primarily produces aortic stent grafts, surgical sealants, mechanical heart valves and implantable cardiac and vascular human tissues.

Artivion has manufacturing plants in Georgia, Texas and Germany, and it offers products in more than 100 countries. The company said it expects to bring in an estimated $396 million for 2024. 

Cyberattacks impacted multiple healthcare manufacturers last year, including giants like Zoll and Henry Schein as well as heart-focused companies like CardioComm.