CardioComm Solutions Resumes Full Operations Following Cyber Attack
CardioComm Solutions Resumes Full Operations Following Cyber Attack
Toronto, Ontario--(Newsfile Corp. - December 14, 2023) - CardioComm Solutions, Inc. (TSXV: EKG) ("CardioComm" or the "Company"), a global medical provider of consumer heart monitoring and medical electrocardiogram ("ECG") software solutions, confirms to its customers and stakeholders that following a recent cyber attack the Company has successfully restored its systems and resumed full-scale operations stronger than ever.
安大略省多倫多--(新聞文件公司-2023 年 12 月 14 日)- CardioComm 解決方案有限公司 (多倫多證券交易所:EKG) (”心臟通信“或者”公司消費者心臟監測和醫療心電圖(“ECG”)軟件解決方案的全球醫療提供商 “)向其客戶和利益相關者證實,在最近的網絡攻擊之後,該公司成功恢復了系統,恢復了比以往任何時候都更強勁的全面運營。
On July 25, 2023, the Company announced a cyber attack took place which disrupted CardioComm's digital infrastructure and interrupted customer access to ECG reading and remote patient monitoring services. Promptly responding to the breach, the Company engaged cybersecurity experts, including KPMG-EGYDE, and initiated a comprehensive assessment and fortification of its systems to mitigate any potential vulnerabilities. The rigorous measures taken during the recovery phase included implementing state-of-the-art security protocols, conducting employee training sessions to reinforce cybersecurity awareness, and collaborating with industry experts to reinforce the Company's digital resilience. As a result of these efforts, CardioComm confirms the successful restoration of all affected systems and services with completed investigations showing no evidence of data access and / or data exfiltration from CardioComm's IT environment. Post-attack investigations have found no evidence of threat actor activity or presence in CardioComm's newly restored IT environment.
2023 年 7 月 25 日,該公司宣佈發生了網絡攻擊,該攻擊破壞了 CardioComm 的數字基礎設施,並中斷了客戶對心電圖讀取和遠程患者監測服務的訪問。該公司迅速對漏洞做出了回應,聘請了包括畢馬威會計師事務所在內的網絡安全專家,並啓動了對其系統的全面評估和防護,以減少任何潛在的漏洞。在恢復階段採取的嚴格措施包括實施最先進的安全協議、舉辦員工培訓課程以增強網絡安全意識,以及與行業專家合作以增強公司的數字彈性。由於這些努力,CardioComm證實所有受影響的系統和服務都已成功恢復,調查顯示沒有數據訪問和/或數據從CardioComm的IT環境中泄露的證據。攻擊後的調查沒有發現威脅行爲者活動或存在於CardioComm新恢復的IT環境中的證據。
Given the cyber attack's medium risk of harm classification, the Company proactively and duly submitted a report to the Office of Privacy Commissioner of Canada (PIPEDA) which was reviewed and successfully closed without further reviews. The Company has also engaged support for continued dark web search / monitoring as well as credit and identity monitoring for a two-year period by Transunion. Transunion is a major credit reporting, fraud, and analytics solutions provider across the finance, retail, telecommunications, utilities, government and insurance sectors.
鑑於網絡攻擊的危害分類爲中等風險,該公司積極及時地向加拿大隱私專員辦公室(PIPEDA)提交了一份報告,該報告經過審查併成功結案,無需進一步審查。該公司還爲Transunion在兩年內持續進行暗網搜索/監控以及信用和身份監控提供了支持。Transunion是一家主要的信用報告、欺詐和分析解決方案提供商,涵蓋金融、零售、電信、公用事業、政府和保險領域。
A message from Etienne Grima, CEO of the Company states, "Customers can once again access the Company's ECG reading services and remote patient monitoring platforms securely, ensuring the continued delivery of the exceptional service and reliability they have come to expect. Our topmost priority has always been the security and trust of our customers. We immediately mobilized our resources to contain and neutralize the cyber threat and our team has worked tirelessly to restore our systems to their optimal state."
該公司首席執行官艾蒂安·格里瑪在一封信中指出:“客戶可以再次安全地訪問公司的心電圖讀取服務和遠程患者監測平台,從而確保持續提供他們所期望的卓越服務和可靠性。我們的首要任務一直是客戶的安全和信任。我們立即調動資源來遏制和消除網絡威脅,我們的團隊一直在不懈地努力將我們的系統恢復到最佳狀態。”
Moving forward, CardioComm remains steadfastly committed to maintaining the highest standards of cybersecurity to safeguard its operations and the interests of its stakeholders. In keeping with this commitment, the Company has completed ISO 27001 certification and entered into a service agreement with Oracle for Oracle Cloud Infrastructure (OCI) services that assure business continuity and transparent disaster recovery for its production infrastructure and development/test and corporate environments.
展望未來,CardioComm仍然堅定不移地致力於維持最高的網絡安全標準,以保護其運營和利益相關者的利益。爲兌現這一承諾,公司已完成ISO 27001認證,並與甲骨文簽訂了甲骨文雲基礎設施(OCI)服務協議,該服務可確保其生產基礎架構、開發/測試和企業環境的業務連續性和透明的災難恢復。
OCI provides CardioComm high-performance compute capabilities and storage capacity in a flexible overlay virtual network that is securely accessible from CardioComm's on-premises network that will provide customers with high availability with no downtime. OCI also provides a number of security features such as data encryption by default at rest and in motion, and auto detection and remediation of security issues. Oracle manages more than 80 global, regional and industry-specific programs to provide third-party attestations like SOC, ISO, HIPAA, and FedRAMP, and advisories for standards like GxP, NIST, GDPR and FISC.
OCI 在靈活的重疊虛擬網絡中提供 CardioComm 高性能計算能力和存儲容量,該網絡可從 CardioComm 的本地網絡安全訪問,從而爲客戶提供高可用性,無需停機。OCI 還提供許多安全功能,例如默認靜態和動態數據加密,以及自動檢測和修復安全問題。甲骨文管理着 80 多個全球、地區和行業特定項目,提供第三方認證,如 SOC、ISO、HIPAA 和 FedRamp,並針對 GxP、NIST、GDPR 和 FISC 等標準提供建議。
This is the first year that CardioComm has been certified under ISO 27001, an international standard that focuses on information security management, providing a framework for establishing, implementing, maintaining, and continually improving an information security management system (ISMS) within an organization. Achieving ISO 27001 certification involved a thorough audit by an independent certification body to ensure compliance with the standard's requirements. Certification demonstrates CardioComm's commitment to managing and protecting its information assets and to provide assurances to its customers and stakeholders in the health industry about the level of performance of CardioComm's security practices.
這是CardioComm首次獲得ISO 27001的認證。ISO 27001是一項側重於信息安全管理的國際標準,爲在組織內建立、實施、維護和持續改進信息安全管理系統 (ISMS) 提供了框架。要獲得ISO 27001認證,需要獨立認證機構進行全面審計,以確保符合該標準的要求。認證表明了CardioComm致力於管理和保護其信息資產,並向醫療行業的客戶和利益相關者提供有關CardioComm安全實踐性能水平的保證。
To learn more about CardioComm's products and for further updates please visit the Company's websites at and .
要了解有關CardioComm產品的更多信息以及進一步的更新,請訪問該公司的網站,網址爲和。
About CardioComm Solutions
CardioComm Solutions' patented and proprietary technology is used in products for recording, viewing, analyzing and storing electrocardiograms for diagnosis and management of cardiac patients. Products are sold worldwide through a combination of an external distribution network and a North American-based sales team. CardioComm Solutions has earned the ISO 13485 and ISO 27001 certifications, is HIPAA compliant and holds medical device clearances and sales licenses from the USA (FDA) and Canada (Health Canada).
關於 CardioComm 解決方案
CardioComm Solutions的專利和專有技術用於記錄、查看、分析和存儲心電圖,用於心臟病患者的診斷和管理。產品通過外部分銷網絡和北美銷售團隊的組合在全球範圍內銷售。CardioComm Solutions已獲得ISO 13485和ISO 27001認證,符合HIPAA標準,並持有美國(FDA)和加拿大(加拿大衛生部)的醫療器械許可和銷售許可證。
FOR FURTHER INFORMATION PLEASE CONTACT:
Etienne Grima, Chief Executive Officer
1-877-977-9425 x227
investor.relations@cardiocommsolutions.com
欲了解更多信息,請聯繫:
艾蒂安·格里瑪,首席執行官
1-877-977-9425 x227
investor.relations@cardiocommsolutions.com
Forward-Looking Statements
This release may contain certain forward-looking statements and forward-looking information with respect to the financial condition, results of operations and business of CardioComm Solutions and certain of the plans and objectives of CardioComm Solutions with respect to these items. Such statements and information reflect management's current beliefs and are based on information currently available to management. By their nature, forward-looking statements and forward-looking information involve risk and uncertainty because they relate to events and depend on circumstances that will occur in the future and there are many factors that could cause actual results and developments to differ materially from those expressed or implied by these forward-looking statements and forward-looking information.
前瞻性陳述
本新聞稿可能包含與CardioComm Solutions的財務狀況、經營業績和業務以及CardioComm Solutions與這些項目有關的某些計劃和目標的某些前瞻性陳述和前瞻性信息。此類陳述和信息反映了管理層當前的信念,並以管理層目前可用的信息爲基礎。就其性質而言,前瞻性陳述和前瞻性信息涉及風險和不確定性,因爲它們與事件有關並取決於未來將發生的情況,並且有許多因素可能導致實際結果和發展與這些前瞻性陳述和前瞻性信息所表達或暗示的結果和發展存在重大差異。
In evaluating these statements, readers should not place undue reliance on forward-looking statements and forward-looking information. The Company does not assume any obligation to update the forward-looking statements and forward-looking information contained in this release other than as required by applicable laws, including without limitation, Section 5.8(2) of National Instrument 51-102 (Continuous Disclosure Obligations).
在評估這些陳述時,讀者不應過分依賴前瞻性陳述和前瞻性信息。除非適用法律(包括但不限於美國國家儀器 51-102)第 5.8 (2) 條,否則公司不承擔任何義務更新本新聞稿中包含的前瞻性陳述和前瞻性信息 (持續披露義務)。
Neither TSX Venture Exchange nor its Regulation Services Provider (as that term is defined in policies of the TSX Venture Exchange) accepts responsibility for the adequacy or accuracy of this release.
多倫多證券交易所風險投資交易所及其監管服務提供商(該術語在多倫多證券交易所風險投資交易所的政策中定義)均不對本新聞稿的充分性或準確性承擔責任。
To view the source version of this press release, please visit
要查看本新聞稿的源版本,請訪問
譯文內容由第三人軟體翻譯。