Their goal was the valuable health insurance information in patient records—…worth 20 times the value of a credit card record on the black market. But had they wanted to, they could potentially have taken control of the devices themselves.
It seems the hackers were able to steal medical records through an x-ray device and a blood gas analyzer. Legacy systems were designed and put in service before anyone thought of connecting them to the Internet. Security with these devices is non existent.
I used to be a huge fan of digital data stored in the cloud and scoffed at dentists concerned about security. I now admit I was dead wrong. It seems that every day there is news of another data breach.