The Food and Drug Administration (FDA) has warned people with diabetes that certain Medtronic MiniMed insulin pumps have potential cybersecurity risks.
The FDA revealed that it had become aware of an unauthorised person that could “potentially connect wirelessly to a nearby MiniMed insulin pump with cybersecurity vulnerabilities”. This vulnerability could allow a person to change the pump’s settings and over deliver insulin to a patient – thus leading to low blood sugar, or stop insulin delivery. This, in turn, leads to high blood sugar and diabetic ketoacidosis.
Certain Medtronic Minimed insulin pumps are being recalled as a result of potential cybersecurity risks and it has been recommended that patients should switch their pumps to other models.
The recalled pumps are Medtronic’s MiniMed 508 insulin pump and MiniMed Paradigm series insulin pumps. Medtronic is unable to update the two pumps “with any software or patch to address the devices’ vulnerabilities”.
Suzanne Schwartz, MD, of the FDA’s Center for Devices and Radiological Health, said in a statement:
“While we are not aware of patients who may have been harmed by this particular cybersecurity vulnerability, the risk of patient harm, if such a vulnerability were left unaddressed, is significant.”
“The FDA urges manufacturers everywhere to remain vigilant about their medical products — to monitor and assess cybersecurity vulnerability risk, and to be proactive about disclosing vulnerabilities and mitigations to address them.”
PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.