Steris data breach

health apps concerns

A part of the wider Accellion cyberattack, Steris has reportedly fallen prey to a breach of private information. The Steris data breach first came to public attention in early 2021, but the incident itself is understood to have occurred as a result of a cyberattack reported in late December 2020.

Steris is a US company engaged in the supply of sterilisation services and surgical equipment in the healthcare sector. It is also far from the only company to be involved in the Accellion cybersecurity incident, which reportedly affected many business customers that use Accellion’s FTA (File Transfer Appliance).

Businesses don’t operate in a vacuum – with so many companies outsourcing to other companies for different products and services, business operations are commonly interlinked. As a result, businesses have to be able to rely on each other from a data protection perspective. In the case of Accellion, it seems that the company could not be trusted to maintain cybersecurity.

Steris data breach – involvement with the Accellion hack

Towards the end of December 2020, it was reported that Accellion, a technology company, had been targeted with a cyberattack focused on its FTA server. Despite publicly asserting that the vulnerability had been patched, Accellion later had to admit that there were other holes in its defences, it was reported.

Unfortunately, due to what appears to be an inadequate response strategy, Accellion appeared to be slow to spread the word to other companies, with further breached companies being revealed well into 2021. The Steris data breach appears to have first been reported in February 2021.

The Steris statement and the affected information

The official company statement on the Steris data breach revealed little about the information that had been exposed due to the Accellion hack. Steris made general comments stressing that the information set was small, and that its own systems had not been affected, but it did not expand further.

However, a third-party report alleged that documents exposed in the Steris data breach had been advertised online by cybercriminals. It was said that highly confidential details were contained in the documents, including a chemical formula that could be a trade secret for Steris.

Steris itself has not confirmed that the data allegedly stolen by ransomware hackers was its own. The company has, however, stated that it has engaged in its own investigations in order to assess the impact and scale of the breach, taking on experts to assist with their inquiries.

Cybersecurity and data protection for businesses

The Accellion hack has exposed the company to significant public criticism, and may have created friction between Accellion and its affected customers. Any reputational damage, alongside any harm done to data security, could be a strong message about why it is so important for businesses to maintain robust cybersecurity measures and data protection procedures.

The ultimate effects of the Steris data breach are currently unclear, but in many data breaches, the personal information of people (such as customers and employees) can be made vulnerable. If you have learned that your data has been exposed by a third party, you could be eligible for a data breach compensation claim. You can contact our expert lawyers today for free, no-obligation advice.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a Callback from our team!

Fill out our quick call back form below and we’ll contact you when you’re ready to talk to us.
All fields marked * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.