Medtronic recalling certain insulin pumps on cybersecurity issues

June 2019
Medtronic is warning thousands of users of its older insulin pumps worldwide that the devices may contain a serious cybersecurity vulnerability allowing a malicious hacker to change drug-delivery settings. The warning included the statement that: “insulin pumps that were introduced to the market before 2013, including the MiniMed 508 pump and various models of MiniMed Paradigm pumps”. Pumps unaffected by the warning include “the MiniMed 530G, nor any 600-series MiniMed pump (including the 630G and 670G), which are widely used in the U.S.”

Other reports warned that the FDA warned that the pumps under recall “cannot be patched to fix the holes.” According to CNBC, this is “a rare example of a medical device recall over a cybersecurity issue, although security professionals and the FDA have raised numerous concerns over the vulnerability of these devices for years.”

Medtronic recommend switching to a different type of insulin pump and taking cybersecurity precautions with these existing pumps, such precautions include making sure all devices related to the pump are kept in patients’ sight at all times, monitoring blood sugar levels closely, and disconnecting the pump from WiFi when internet connection is not strictly necessary.

Back to news archive