1 min read

Hackers Can Take Control of Some Electronic Diabetic Devices

Medical equipment provider Medtronic has issued an urgent recall order for insulin pump controllers belonging to their “MiniMed Paradigm” family. The company cited serious cyber security risks as the reason for the recall.

The models in question are MMT-500 and MMT-503 which is used in conjunction with the Medtronic MiniMed 508 pump.

Overall more than 31,000 of these devices were sold between August 1999 and July 2018. These devices are used by diabetics all over the country to stop, start, or change the amount of insulin delivered to the user.

Medtronic was made aware of a security risk that could allow an unauthorized individual to record and replay the wireless signal generated any time the user presses a button on the controller. The controller sends commands to the insulin pump. An attacker could then over-deliver the desired amount of insulin or stop it from being delivered entirely. In the case of an insulin overdose or a denied dose this could lead to the death of the patient.

According to the latest data available to the company there have been no reports of this security flaw being exploited in the wilds. That is fortunate but as the security flaw becomes more widely known the worry is that it’s just a matter of time.

Medtronic issued a formal statement which contained the following recommendation:

“You should immediately stop using and disconnect the remote controller, disable the remote feature, and return the remote controller to Medtronic. See the Appendix attached to this letter for detailed instructions.”

Unfortunately this is not the first time Medtronic has had issues with this model. In 2019 the FDA warned users of the MiniMed 508 that these pumps were vulnerable to attack. Back then the issue the FDA was warning about was a man in the middle attack that could allow an attacker to take control over the device.

Things Haven’t Improved Much So Far

It appears that things haven’t gotten any better. If you, or anyone you know uses one of the devices referenced above don’t delay. Send it back for a replacement as soon as possible.

Used with permission from Article Aggregator

IT Threat Intelligence: Is Your Firm Seeing The Whole Picture?

IT Threat Intelligence: Is Your Firm Seeing The Whole Picture?

Law firms today are sitting on a digital goldmine. From sensitive client communications and trade secrets to financial records and intellectual...

Read More
Mastering Digital Evidence: How Law Firms Turn Data into Trial-Winning Proof

Mastering Digital Evidence: How Law Firms Turn Data into Trial-Winning Proof

In 2011, a jury found Casey Anthony not guilty of murdering her two-year-old daughter. Later reviews revealed two key digital-evidence failures:...

Read More
The Predictive Edge: Turning Case Management Data Into Litigation Strategy

The Predictive Edge: Turning Case Management Data Into Litigation Strategy

The legal world is changing faster than a judge can say "sustained." Gone are the days when successful litigation relied solely on courtroom...

Read More

This Popular Fitbit Watch Has Been Recalled

Do you own an Ionic smartwatch? If you haven’t heard yet, be advised that Fitbit has issued a voluntary recall of the devices produced between 2017...

Read More

Mobile Devices Connected to Windows Known as Phone Link

Microsoft recently announced that it was doing a bit of re-branding.

Read More

Facebook is Changing Its Name and Here’s The Details

Recently one of the biggest companies on the web got a name change when the Facebook CEO announced that the company would henceforth be known as...

Read More