Cardiac monitoring company iRhythm Technologies has disclosed a cybersecurity incident involving unauthorized access to data stored within certain third-party-hosted business applications. The company revealed details of the iRhythm data breach in a recent SEC filing, stating that sensitive information, including protected health information (PHI), may have been accessed and exfiltrated by a threat actor. 

According to the SEC filing, iRhythm identified suspicious activity on June 8 and immediately activated its cybersecurity response protocols. The company launched an investigation with assistance from external advisors and cybersecurity specialists to determine the scope of the incident...