Medical device maker UFP Technologies warns of data stolen in cyberattack
Bleeping Computer
by Bill ToulasFebruary 25, 2026
AI-Generated Deep Dive Summary
UFP Technologies, a leading U.S. manufacturer of medical devices, has revealed that a cybersecurity incident has compromised its IT systems and resulted in data theft. The company, which produces critical healthcare products including surgical tools, wound care items, and orthopedic components, detected suspicious activity on February 14. Immediate action was taken to isolate and remediate the breach, with external cybersecurity experts brought in to assist. While the threat actor has been removed from the systems, it appears that some data was stolen or destroyed, potentially indicating a ransomware or wiper attack. The company’s filing with the SEC noted that not all IT systems were affected, but functions like billing and labeling for customer deliveries were impacted.
UFP Technologies employs over 4,300 people and generates annual revenue of $600 million. Despite the breach, the firm maintains that its primary IT infrastructure remains operational, and current assessments suggest the incident is unlikely to have a material financial impact. The company has yet to determine if personal information was exfiltrated, but it emphasized that notifications will be sent to affected individuals as required by law. UFP’s experience highlights the growing threat of cyberattacks on critical sectors like healthcare, where IT systems are vital for operations and patient care.
This incident underscores the importance of robust cybersecurity measures in safeguarding sensitive data and ensuring business continuity. For readers interested in security, the case of UFP Technologies serves as a reminder of the potential consequences of cyberattacks on industrial and medical infrastructure. The attack not only disrupts operations but also raises concerns about data integrity and customer trust. As more businesses rely on interconnected IT systems, understanding how to respond to such incidents becomes crucial for maintaining operational resilience
Verticals
securitytech
Originally published on Bleeping Computer on 2/25/2026