Date of Breach
Allegation
Industry
Number Impacted
If you have used any of the Zio brand of ECG heart monitor products by iRhythm, your sensitive personal information and protected health information may be at risk from a recent data breach. Our firm is investigating this incident and can help you understand your rights and potential legal options.
In a June 15, 2026 filing with the U.S. Securities and Exchange Commission, iRhythm Holdings, Inc. (“iRhythm”) disclosed a data breach that the company discovered on June 8, 2026. iRhythm identified unauthorized activity involving certain third-party-hosted business applications used by the company and promptly activated its cybersecurity response plan with the assistance of external cybersecurity professionals to assess and contain the threat.
On June 9, 2026, a threat actor contacted iRhythm claiming to have stolen proprietary company data, patient protected health information, and other personal information. The threat actor demanded payment in exchange for not publicly disclosing this information. Since receiving these communications, iRhythm has confirmed that certain data was exfiltrated from third-party applications and has determined that the breach was carried out via social engineering (i.e. phishing or similar methods).
The company stated that its investigation into the scope of the incident and the types of information involved remains ongoing. iRhythm stated that the incident does not involve its clinical or medical device systems or connections to customers, and that the Company does not store or retain individual financial account information or payment card information. iRhythm indicated on a notice of the incident posted to its website that it will notify individuals affected by this incident as the investigation continues, in accordance with applicable law. As of publication, it is unknown whether iRhythm has in fact begun to send individual notice.
Upon information and belief, the following types of sensitive personal and protected health information may have been compromised:
The full scope of information involved remains under investigation.
Levi & Korsinsky, LLP is investigating whether affected individuals are entitled to compensation. If you received notice from iRhythm, or if you have ever used a Zio heart monitor, there is no cost or obligation to participate.
iRhythm Holdings is a digital healthcare company headquartered in San Francisco, California. The company provides cardiac monitoring technologies and services, including its Zio® cardiac monitoring devices and related data analysis solutions used by healthcare providers and patients throughout the United States.
UNDER THE RULES OF CERTAIN JURISDICTIONS, THIS WEBSITE MAY CONSTITUTE ATTORNEY ADVERTISING.
