Intuitive Surgical reports cyber breach, calls products secure

Intuitive Surgical Inc. disclosed a cybersecurity incident on March 13, 2026, in which unauthorized access to internal IT business applications was confirmed following a targeted phishing attack. The company emphasized that its core surgical platforms, including the da Vinci and Ion systems, along with associated digital products, were not compromised and remain operational according to the company's statement. Intuitive attributed this to its segmented network infrastructure, which isolates internal business applications from manufacturing operations and customer-facing systems as detailed in their statement.

The breach involved customer business and contact information, as well as employee and corporate data, accessed via a compromised employee account linked to the internal administrative network. Hospital networks, managed separately by customer IT teams, were also unaffected according to company disclosures. Intuitive activated incident response protocols, secured affected systems, and initiated an investigation while notifying data privacy regulators and customers. The company reiterated that its security protocols for robotic systems operate independently of internal networks, ensuring uninterrupted service delivery as stated in their announcement.

Industry discussions, including on platforms like Reddit, highlight hospitals evaluating precautionary measures such as temporarily isolating da Vinci systems from networks, despite Intuitive's assurance of their operational integrity according to Reddit discussions. The incident underscores growing cybersecurity risks in healthcare technology, though Intuitive maintains that its products remain secure and that customer operations are unaffected. The investigation remains ongoing, with further updates to be provided as available as noted in their statement.