Medtronic, Inc. is recalling thousands of MiniMed Insulin Pumps, warning that the device’s software could be vulnerable to hackers.
“Security researchers have identified potential cybersecurity vulnerabilities related to these insulin pumps. An unauthorized person with special technical skills and equipment could potentially connect wirelessly to a nearby insulin pump to change settings and control insulin delivery,” the company said.“This could lead to hypoglycemia (if additional insulin is delivered) or hyperglycemia and diabetic ketoacidosis (if not enough insulin is delivered).”
The Medtronic insulin pump recall includes the following products, with the affected software versions noted in parenthesis:
All of the above MiniMed insulin pumps use a wireless radio frequency to communicate with other medical devices, including blood glucose meters, glucose sensor transmitters, and CareLink USB devices.
So far, there have been no confirmed reports of hackers actually changing the settings or insulin delivery. Nevertheless, Medtronic is urging patients to discuss replacing the affected Minimed insulin pumps with updated models that have added cybersecurity protections.
In the meantime, the following precautions will minimize the potential for hacking:
The Medtronic insulin pump recall isn’t the first prompted by cybersecurity vulnerabilities. Less than two years ago, in fact, similar issues forced Abbott (formerly St. Jude) to recall 465,000 implantable pacemakers for a software update.
Unfortunately, while hacking dangers extens well beyond insulin pumps and pacemakers, medical device manufacturers are still playing catch-up on cybersecurity.
“Any device can be hacked and that’s often not understood,” Suzanne Schwartz, M.D., who oversees medical device cybersecurity for the U.S. Food & Drug Administration (FDA), recently told CBS News.
“It’s a culture shift,” she continued. “So, the actions and the activities that we’re seeing manufacturers take are very encouraging, they’re very promising, but we still have a ways to go.”