# The Medical Device Companies Invisible to AI Are the Ones Getting Breached

Writer: Patrick Duggan
Mar 15 · 4 min read
Updated: Apr 25


**Author:** Patrick Duggan (with Claude Code)

**Series:** DugganUSA Field Reports




## We Scored Eight Medical Device Companies This Morning



We pointed our AI Presence Management tool at eight of the largest medical device companies on the planet. Four AI models — GPT-4o, Claude, Gemini, and Perplexity — queried in parallel. Technical structure analyzed. Brand threats cross-referenced against our 1,009,000+ indicator database.


Nobody scored above 50.


| Rank | Company | AIPM Score | Structure (/95) | NPS | JSON-LD (/25) |
|------|---------|------------|-----------------|-----|---------------|
| 1 | Edwards Lifesciences | 50 | 58 | 0 | 5/25 |
| 2 | Boston Scientific | 50 | 54 | -33 | 5/25 |
| 3 | Medtronic | 48 | 47 | 0 | 5/25 |
| 4 | Intuitive Surgical | 48 | 55 | 0 | 5/25 |
| 5 | Stryker | 46 | 46 | -67 | 5/25 |
| 6 | Philips | 31 | 3 | 0 | 0/25 |
| 7 | Abbott | 31 | 3 | -33 | 0/25 |
| 8 | Baxter | 29 | 3 | -33 | 0/25 |

Structure is scored out of 95 and JSON-LD out of 25. NPS is the models' net recommendation score: negative means the models actively steer users away from the company.


Then we looked at which ones have been breached.




## The Correlation Nobody Talks About



The bottom three — Philips (31), Abbott (31), and Baxter (29) — all have structure scores of 3 out of 95. Zero JSON-LD structured data. A robots.txt that blocks AI crawlers. No machine-readable description of what they do, what they sell, or who they are.


All three have recent security incident histories.


Philips: MRI and CT scanner vulnerabilities, 2023. Abbott: pacemaker security recalls, 2022. Baxter: infusion pump vulnerabilities, 2022. Strictly, these are vulnerability disclosures and recalls in shipped devices rather than confirmed intrusions into the companies' own networks, but they are the public security record for each vendor.


Stryker scores 46 with an NPS of -67 — the AI models actively don't recommend them. Stryker is currently under active cyberattack. SEC notification filed this week. Employee devices wiped. Recovery timeline unknown.


The companies investing the least in how AI models perceive them are the ones getting hit the hardest.


This isn't causation. But it's not coincidence either.




## What Structure Score Actually Measures



A structure score of 3 means:


- No JSON-LD structured data (AI models can't parse your identity)

- Robots.txt blocking AI crawlers (AI models can't read your content; often a deliberate policy choice, but the effect on what the models know about you is the same)

- No sitemap (AI models can't discover your pages)

- No OpenGraph tags (AI models can't summarize your brand)
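The four checks above are mechanical, so here is an added example (not the AIPM tool's code) that runs them over a constructed page and robots.txt using only the Python standard library. The crawler user-agent tokens are the real ones those vendors publish; the hostnames good.example and bad.example, the HTML and the robots.txt bodies are made up, and the point weights are illustrative, summing to 95 only to mirror the page's scale.

```python
"""Audit a page's machine-readability signals: JSON-LD, OpenGraph, robots.txt
rules for AI crawlers, and a sitemap declaration. Constructed sample inputs
stand in for live fetches so the script runs offline."""
import json
from html.parser import HTMLParser
from urllib.robotparser import RobotFileParser

# User-agent tokens the major AI crawlers actually send.
AI_CRAWLERS = ["GPTBot", "ClaudeBot", "Google-Extended", "PerplexityBot", "CCBot"]


class _SignalParser(HTMLParser):
    """Collect JSON-LD <script> bodies and OpenGraph <meta> tags."""

    def __init__(self):
        super().__init__()
        self.jsonld_blocks = []
        self.og_tags = {}
        self._buf = None  # non-None while inside a JSON-LD script body

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "script" and (a.get("type") or "").lower() == "application/ld+json":
            self._buf = []
        elif tag == "meta" and (a.get("property") or "").startswith("og:"):
            self.og_tags[a["property"]] = a.get("content") or ""

    def handle_data(self, data):
        if self._buf is not None:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._buf is not None:
            self.jsonld_blocks.append("".join(self._buf))
            self._buf = None


def parse_signals(html):
    """Return (list of JSON-LD objects that parse, dict of og:* tags).
    A script tag with broken JSON is ignored: a model cannot use it either."""
    p = _SignalParser()
    p.feed(html)
    objs = []
    for block in p.jsonld_blocks:
        try:
            objs.append(json.loads(block))
        except json.JSONDecodeError:
            pass
    return objs, p.og_tags


def audit(site, html, robots_txt):
    """Score the four signals for `site`. Weights are illustrative, not AIPM's formula."""
    rp = RobotFileParser()
    rp.parse(robots_txt.splitlines())
    jsonld, og = parse_signals(html)
    blocked = [ua for ua in AI_CRAWLERS if not rp.can_fetch(ua, f"https://{site}/")]
    sitemaps = rp.site_maps() or []
    types = set()
    for o in jsonld:
        if isinstance(o, dict):
            t = o.get("@type")
            types.update([t] if isinstance(t, str) else (t or []))
    score = 0
    score += 25 if jsonld else 0
    score += 25 if {"og:title", "og:description"} <= set(og) else 0
    score += 25 if not blocked else 0
    score += 20 if sitemaps else 0
    findings = {
        "jsonld_types": sorted(types),
        "og_tags": sorted(og),
        "ai_crawlers_blocked": blocked,
        "sitemaps": sitemaps,
    }
    return score, findings


# Constructed sample inputs (not real sites).
GOOD_HTML = """<html><head><title>Acme Medical</title>
<meta property="og:title" content="Acme Medical">
<meta property="og:description" content="Infusion pumps and patient monitors">
<script type="application/ld+json">
{"@context": "https://schema.org", "@type": "Organization",
 "name": "Acme Medical", "url": "https://good.example"}
</script></head><body><h1>Acme Medical</h1></body></html>"""
GOOD_ROBOTS = "Sitemap: https://good.example/sitemap.xml\n\nUser-agent: *\nAllow: /\n"

BAD_HTML = "<html><head><title>Brand</title></head><body>Welcome.</body></html>"
BAD_ROBOTS = "User-agent: GPTBot\nDisallow: /\n\nUser-agent: ClaudeBot\nDisallow: /\n\nUser-agent: *\nAllow: /\n"

if __name__ == "__main__":
    for site, html, robots in (("good.example", GOOD_HTML, GOOD_ROBOTS),
                               ("bad.example", BAD_HTML, BAD_ROBOTS)):
        score, findings = audit(site, html, robots)
        print(f"{site}: {score}/95 {findings}")
```

For a live site you would fetch `/` and `/robots.txt` and feed the bodies to `audit`; the offline inputs are enough to see that the scoring is driven entirely by public artifacts anyone can read.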


A company that hasn't invested 30 minutes in making their website readable to AI probably hasn't invested in making their infusion pumps resistant to ransomware either. Both require caring about the details. Both require acknowledging that the threat landscape changed.


The medical device industry builds hardware that keeps people alive. Their websites are invisible to the systems that increasingly determine how those products are perceived, recommended, and trusted.




## 1,014 Subdomains and a Surgical Robot



We ran certificate transparency lookups on Stryker and Philips. What we found should concern their security teams.


**Stryker: 1,014 subdomains in public certificate records.**


Of those:

- **192 are dev, staging, or test environments** — nearly 1 in 5. Non-production systems typically have weaker authentication, stale patches, and developer credentials.

- **114 are medical-device-specific** — including MAKO surgical robot infrastructure. Build servers, control planes, management consoles. The MAKO robot performs hip and knee replacement surgery on live patients.

- **53 are AI/ML infrastructure** — an internal AI platform called AIDA with dev, test, temp, and staging environments, all carrying publicly logged certificates.

- **47 are API endpoints** — external-facing, including healthcare APIs.

- **34 are VPN and remote access portals** — multiple access gateways.


This is the company currently under active attack.


**Philips: 1,284 subdomains.**


- **195 dev/staging/test environments**

- **135 healthcare-specific subdomains** — including medical affairs platforms, imaging systems, and clinical tools

- **77 internal infrastructure hostnames** leaked through certificate transparency — SMTP servers, database hosts, internal naming conventions visible to anyone who looks
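As an added example of the enumeration described above (not DugganUSA's tooling), the script below parses crt.sh-style JSON, collapses renewals and wildcards, drops SANs that belong to other domains, and buckets hostnames by the role their labels imply. The records in SAMPLE_RECORDS and the domain example-med.com are constructed; the keyword lists are a starting point for triage, not a standard, and the live fetch in `fetch_crtsh` is optional and not exercised offline.

```python
"""Enumerate a domain's hostnames from certificate transparency (crt.sh JSON)
and bucket them by the environment or role the hostname implies."""
import json
import re
import sys
from collections import Counter
from urllib.request import urlopen

# Keyword -> category. Keywords match whole labels, so "dev-api" hits dev and api
# while "main" does not hit "ai". A trailing number (dev01, test2) is tolerated.
CATEGORIES = {
    "dev/staging/test": ("dev", "stg", "staging", "test", "uat", "qa", "temp", "sandbox"),
    "api": ("api",),
    "vpn/remote-access": ("vpn", "remote", "citrix", "gateway", "gw"),
    "internal-infra": ("smtp", "mail", "mx", "db", "sql", "ldap", "dc", "internal", "intranet"),
    "build/ci": ("build", "ci", "jenkins", "gitlab"),
    "ai/ml": ("ai", "ml", "llm", "gpu", "model"),
}


def fetch_crtsh(domain):
    """Live lookup (network): crt.sh returns a JSON list of certificate entries whose
    'name_value' field holds newline-separated subject alternative names."""
    with urlopen(f"https://crt.sh/?q=%25.{domain}&output=json", timeout=60) as r:
        return json.load(r)


def hostnames(records, domain):
    """Return (set of concrete hosts under domain, set of wildcard names).
    Sets collapse renewals; case is normalised because CT preserves it as issued."""
    hosts, wildcards = set(), set()
    suffix = "." + domain
    for rec in records:
        for name in (rec.get("name_value") or "").split("\n"):
            name = name.strip().lower()
            if not name.endswith(suffix):
                continue  # SAN for some other domain on the same certificate
            (wildcards if name.startswith("*.") else hosts).add(name)
    return hosts, wildcards


def classify(host, domain):
    """Categories implied by the labels to the left of the registered domain."""
    sub = host[: -len(domain) - 1]
    tokens = re.split(r"[.\-_]", sub)
    return {cat for cat, kws in CATEGORIES.items()
            if any(re.fullmatch(rf"{kw}\d*", t) for t in tokens for kw in kws)}


def summarize(records, domain):
    hosts, wildcards = hostnames(records, domain)
    by_cat = Counter()
    for h in hosts:
        by_cat.update(classify(h, domain))
    return {"total_hosts": len(hosts), "wildcards": len(wildcards),
            "by_category": dict(by_cat), "hosts": sorted(hosts)}


# Constructed records: the shape mirrors crt.sh output, every value is invented.
SAMPLE_RECORDS = [
    {"common_name": "www.example-med.com",
     "name_value": "www.example-med.com\nexample-med.com"},
    {"common_name": "www.example-med.com",          # renewal of the same name
     "name_value": "www.example-med.com"},
    {"common_name": "*.example-med.com",            # wildcard: hides every host under it
     "name_value": "*.example-med.com"},
    {"common_name": "dev-api.example-med.com",
     "name_value": "dev-api.example-med.com\nstaging-api.example-med.com"},
    {"common_name": "vpn.example-med.com",          # second SAN belongs to another domain
     "name_value": "vpn.example-med.com\nvpn.partner-hospital.example"},
    {"common_name": "smtp-internal.example-med.com",
     "name_value": "smtp-internal.example-med.com"},
    {"common_name": "robot-build-test.example-med.com",
     "name_value": "ROBOT-BUILD-TEST.example-med.com"},
    {"common_name": "ml-platform-temp.example-med.com",
     "name_value": "ml-platform-temp.example-med.com"},
]

if __name__ == "__main__":
    if len(sys.argv) > 1:  # python ct_surface.py example.com  (network)
        domain = sys.argv[1]
        records = fetch_crtsh(domain)
    else:
        domain, records = "example-med.com", SAMPLE_RECORDS
    print(json.dumps(summarize(records, domain), indent=2))
```

Two design points matter for reading the numbers in this post. Hosts are deduplicated because every renewal is a separate log entry, so raw record counts overstate the surface. Wildcards are counted separately because one `*.example` certificate covers any number of hosts that never appear in the log, so a CT count is a lower bound on the real surface, not an inventory of it.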




Philips scores 31 on AIPM with a structure score of 3. They block AI crawlers in robots.txt while publishing 1,284 subdomains in public certificate logs. Note the asymmetry: robots.txt is advisory and only stops crawlers that choose to honour it, whereas certificate transparency logging is mandatory for every publicly trusted certificate, so those hostnames are visible to anyone who looks, attackers included.


**Intuitive Surgical — the da Vinci robot company — has 6 subdomains.**


Six. Clean. Tight. Smallest attack surface of the eight, second-highest AIPM score value (48, tied with Medtronic), zero recent breaches. One caveat applies to any CT count: a single wildcard certificate or an internal CA can hide many hosts behind one log entry, so a low number is a lower bound on the surface, not proof that it is small.




## The Inverse Correlation



| Company | Subdomains | Dev/Test Exposed | AIPM Score | Recent incident |
|---------|------------|------------------|------------|-----------------|
| Intuitive Surgical | 6 | 0 | 48 | No |
| Stryker | 1,014 | 192 | 46 | Active |
| Philips | 1,284 | 195 | 31 | 2023 |


Fewer subdomains. Smaller surface. Higher AIPM score. Fewer breaches.


More subdomains. Bigger surface. Lower AIPM score. More breaches.


The company with 6 subdomains builds surgical robots that work. The company with 1,014 subdomains builds surgical robots that are currently getting their infrastructure wiped.




## What This Means



We're a two-person cybersecurity company in Minneapolis. We run on $500 a month. We built a threat intelligence feed with a million indicators, an Epstein files search engine with 400,000 documents, and an AI presence audit tool that queries four models in parallel.


This morning we:

1. Scored eight medical device companies in under a minute each
2. Enumerated their subdomain surface via certificate transparency in 30 seconds
3. Found surgical robot dev servers in public certificate logs
4. Cross-referenced with active breach data


None of this required special access. Certificate transparency is public. Our AIPM tool is free. The breach data is in the news.


If we can do this from Minneapolis on a Sunday morning, imagine what a nation-state actor with actual resources can do.


The question isn't whether medical device companies should care about their AI presence and attack surface. The question is whether they can afford not to.




## Score Yourself



Free. No login. 15 seconds.


**aipmsec.com**


We scored Stryker, Philips, Abbott, Baxter, Medtronic, Boston Scientific, Edwards, and Intuitive Surgical. We'll score you too.


The AI models are forming opinions about your company right now. You should know what they think.




*Her name was Renee Nicole Good.*


*His name was Alex Jeffery Pretti.*



The cheapest, fastest, most accurate threat feed on the internet.

275+ enterprises pulling daily. 1M+ IOCs. 17.4M indexed documents. We beat Zscaler by 43 days on NrodeCodeRAT. Starter tier $9/mo — less than any competitor’s sales demo.
