Insulin pumps recalled for vulnerability; concerns raised over medical IoT hacks

Medical device company Medtronic is recalling a number of insulin pumps after discovering they are vulnerable to hacks — and there’s no way to patch the security holes. The FDA announced the vulnerability in the MiniMed 508 and Paradigm pumps this week, and Medtronic has sent a letter to around 4,000 patients currently using the devices.

“The FDA is warning patients and health care providers that certain Medtronic MiniMed insulin pumps have potential cybersecurity risks,” the FDA said in its advisory. “Patients with diabetes using these models should switch their insulin pump to models that are better equipped to protect against these potential risks.”

While patients are waiting for a replacement pump, the FDA advises users to reduce the risk of a cybersecurity attack by keeping their pump and connected devices on their person at all times, not sharing their pump serial numbers, and paying special attention to notifications from the pump and to their glucose levels.

Concerns about the security of medical IoT (Internet of Things) devices have been raised before. Earlier this year, a white hat hacker warned that medical device manufacturers were not paying enough attention to security issues. “Manufacturers of medical IoT devices should be prioritizing security, especially considering the potential detrimental consequences of a breach,” Catherine Norcom, a hardware hacker for IBM’s X-Force Red, told Security Intelligence.

“Medical IoT devices are a top target of cybercriminals, so even if a manufacturer thinks it has developed a device with reasonable security, criminals may still find vulnerabilities. I recently read a Ponemon Institute study that said 67% of medical device makers believe an attack on one or more medical devices they have built is likely.”

The issue is not only the high possibility of an attack, but the devastating consequences that such attacks could have on users’ well-being or even their lives. But the poor security of insulin pumps has a flip side as well: diabetes patients who choose to hack their own devices to better fit their needs.

Dana Lewis, a diabetes patient from Alabama, created a program to automatically adjust the amount of insulin her pump distributed according to her blood sugar levels. She made the program available through the OpenAPS website and has said that the hack has greatly improved her quality of life. However, the FDA has warned against diabetes patients “using unauthorized devices for diabetes management” and medical professionals have seconded this warning.

Georgina Torbet