Skip to main content

Insulin pumps recalled for vulnerability; concerns raised over medical IoT hacks

Image used with permission by copyright holder

Medical device company Medtronic is recalling a number of insulin pumps after discovering they are vulnerable to hacks — and there’s no way to patch the security holes. The FDA announced the vulnerability in the MiniMed 508 and Paradigm pumps this week, and Medtronic has sent a letter to around 4,000 patients currently using the devices.

“The FDA is warning patients and health care providers that certain Medtronic MiniMed insulin pumps have potential cybersecurity risks,” the FDA said in its advisory. “Patients with diabetes using these models should switch their insulin pump to models that are better equipped to protect against these potential risks.”

While patients are waiting for a replacement pump, the FDA advises users to reduce the risk of cybersecurity attack by keeping their pump and connected devices on their person at all times, not sharing their pump serial numbers, and paying special attention to notifications from the pump and their glucose levels.

Concerns about the security of medical IoT (Internet of Things) devices have been raised before. Earlier this year, a white hat hacker warned that medical device manufacturers were not paying enough attention to security issues. “Manufacturers of medical IoT devices should be prioritizing security, especially considering the potential detrimental consequences of a breach,” Catherine Norcom, a hardware hacker for IBM’s X-Force Red, told Security Intelligence.

“Medical IoT devices are a top target of cybercriminals, so even if a manufacturer thinks it has developed a device with reasonable security, criminals may still find vulnerabilities. I recently read a Ponemon Institute study that said 67% of medical device makers believe an attack on one or more medical devices they have built is likely.”

The issue is not only the high possibility of an attack, but the devastating consequences that such attacks could have on users’ well-being or even their lives. But the poor security of insulin pumps has a flip side as well: diabetes patients who choose to hack their own devices to better fit their needs.

Dana Lewis, a diabetes patient from Alabama, created a program to automatically adjust the amount of insulin her pump distributed according to her blood sugar levels. She made the program available through the OpenAPS website and has said that the hack has greatly improved her quality of life. However, the FDA has warned against diabetes patients “using unauthorized devices for diabetes management” and medical professionals have seconded this warning.

Editors' Recommendations

Georgina Torbet
Georgina is the Digital Trends space writer, covering human space exploration, planetary science, and cosmology. She…
Hacker claims to have hit Apple days after hacking AMD
The Apple logo is displayed at the Apple Store June 17, 2015 on Fifth Avenue in New York City

Data breaches happen all the time, but when the giants get hit, it's impossible not to wonder what kind of critical data may become exposed. Earlier this week, notorious cybercriminal Intelbroker reported that they managed to hack AMD. Now, they followed up with claims about hacking Apple, and went as far as to share some internal source code on a hacking forum.

As Apple has yet to comment, all we have to go off is the forum post, first shared by HackManac on X (formerly Twitter). In the post, Intelbroker states that Apple suffered a data breach that led to the exposure of the source code for some of its internal tools. The tools include AppleConnect-SSO, Apple-HWE-Confluence-Advanced. There's been no mention of any customer data being leaked, which is good news, but there could still be some impact on Apple if this proves to be true.

Read more
Alexa to get supercharged with AI
Alexa can now handle multiple requests in a list.

Siri isn't the only digital assistant getting an AI update in the near future. According to sources speaking to Reuters, Amazon is reportedly planning an expansive update for its decade-old digital conversationalist that would implement a two-tier service subscription that could cost users $5 t0 $10 per month.

The new voice assistant, dubbed "Remarkable Alexa" per the sources, could arrive as soon as August 2024. The project, code-named "Banyan" after the species of large ficus tree, has become something of a pet project for CEO Andy Jassy, who promised a “more intelligent and capable Alexa” to shareholders in an April letter. The sources warned, however, that the rumored pricing and release dates could shift as we get closer to August, depending on how well the project comes together prior to that deadline.

Read more
Best Buy is selling restored Chromebooks for under $200
A front view of an Acer Chromebook 315 on a white background.

Getting a cheaper laptop is always nice, especially if you just want to browse the web, watch videos, and do some simple online homework or type up documents. One great choice for this situation is to choose from one of the best Chromebooks, Google's pared down laptops that work well with cloud storage and have a low cost. Another great choice is to go for refurbished laptop deals, taking a gently used computer, saving a ton on it, and giving it a new life. Chromebook deals offer even better savings if you're willing to limit your selection. But the best choice just might be when you combine the two together to get a restored Chromebook.

We've compiled a list of the three restored Chromebooks over at Best Buy that are worth taking a look at. They're all under $200 and, if you're just looking for something easy to work with and don't have too many requirements, any of the three is a good pickup. For that reason, we'll list the three here for you to look at now, but keep reading for a more in-depth analysis.

Read more