Medtronic MiniMed 508 and MiniMed Paradigm series insulin pumps are being recalled because of cybersecurity concerns, according to the Food and Drug Administration.
"While we are not aware of patients who may have been harmed by this particular cybersecurity vulnerability, the risk of patient harm if such a vulnerability were left unaddressed is significant," said Suzanne Schwartz, deputy director of the office of strategic partnerships and technology innovation.
The pump may be susceptible to an unauthorized person getting into and changing the settings, causing an over- or under-delivery of insulin.
“The FDA urges manufacturers everywhere to remain vigilant about their medical products — to monitor and assess cybersecurity vulnerability risk, and to be proactive about disclosing vulnerabilities and mitigations to address them,” Schwartz said. “This is part of the FDA's overall effort to collaborate with manufacturers and health care delivery organizations — as well as security researchers and other government agencies — to develop and implement solutions to address cybersecurity issues throughout a device's total product lifecycle.”
The FDA advises the nearly 4,000 people who use the insulin pumps to switch to models that can protect against hacking risks.