Medtronic issues ‘immediate’ insulin pump controller recall vulnerable to hack

Medical device company Medtronic immediately recalled remote controllers for some insulin pumps because they were vulnerable to hacking. It is possible for someone to copy the signals sent from the controllers to the pumps and deliver or block a dose of insulin, which can be dangerous for diabetics who use the pumps.

In the recall statement, Medtronic said: That he was not aware of any situation where such hacks have taken place. The company was first made aware of the issue in 2018 after an independent cybersecurity researcher found the vulnerability and reported the problem to users. That initial alert told users how to disable the remote control feature when they weren’t using it.

Now, the company says people should not use the remote. “After further review, Medtronic has determined that the potential risks associated with the MiniMed remote controller outweigh the benefits of its continued use,” it said in the recall alert.

Medtronic also issued a safety notice in 2019 warning about the risk of hacks in the same set of insulin pumps, the MiniMed 508 insulin pump and the MiniMed Paradigm family of insulin pumps. The Food and Drug Administration also joined in and put out a statement saying the agency was concerned about the potential for someone to hack the pumps and change the dose of insulin given to patients.

Experts have been concerned about the cybersecurity risks of insulin pumps for nearly a decade, as security researcher Jay Radcliffe broke down his own Medtronic pump on stage at a conference.

As more and more medical devices are connected to the Internet and healthcare becomes a greater target for ransomware attacks, concerns have risen about things like insulin pumps, pacemakers, and other products. “There isn’t really a high-profile case of a patient being killed or seriously harmed, but it’s just a matter of time,” said Mike Johnson, a securities technology expert at the University of Minnesota’s Technological Leadership Institute. ledge in September.