Skip to main content

After an FDA probe, St. Jude rolls out an update fixing the Merlin@home issue

St. Jude Medical stated on January 9 that it has begun deploying security updates to its Merlin.net Patient Care Network system. Reports surfaced in late 2016 that the Merlin@home transmitter used to monitor specific St. Jude Medical implanted devices could be hacked and potentially used to kill the patient. The implants in question span pacemakers (Assurity and Endurity) and Implantable Cardioverter Defibrillators (Ellipse and Fortify Assura).

Reports of the vulnerability prompted an investigation by the U.S. Food and Drug Administration, and a new warning about the potential hazards until the problem is resolved by St. Jude Medical. However, while the implants are radio frequency-enabled, they don’t connect directly to the internet through Wi-Fi.

Recommended Videos

Instead, they can be accessed through the Merlin@home monitor or in-office medical diagnostic equipment. The underlying problem is that the Merlin@home device does connect to the internet.

The FDA, through its investigation, confirmed that a hacker could remotely access the Merlin@home transmitter and alter the device to gain complete control. After that, the hacker could use the transmitter to silently reprogram the patient’s implant, leading to a faster battery depletion, incorrect pacing, or unnecessary shocks, depending on the implant.

“Many medical devices—including St. Jude Medical’s implantable cardiac devices—contain configurable embedded computer systems that can be vulnerable to cybersecurity intrusions and exploits,” the FDA said on Monday. “As medical devices become increasingly interconnected via the Internet, hospital networks, other medical devices, and smartphones, there is an increased risk of exploitation of cybersecurity vulnerabilities, some of which could affect how a medical device operates.”

St. Jude Medical said that it’s not aware of any cybersecurity incidents related to its devices in the United States. It’s also not aware of any specific St. Jude Medical device or system used in clinics that has been specifically targeted. And while hackers intentionally going after St. Jude Medical devices is highly unlikely, the company is making its current update public knowledge so that patients can rest assured their implants are safe from any outside modifications.

“We’ve partnered with agencies such as the U.S. Food and Drug Administration (FDA) and the U.S. Department of Homeland Security Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) unit, and are continuously reassessing and updating our devices and systems, as appropriate,” said Phil Ebeling, vice president and chief technology officer at St. Jude Medical.

Patients relying on the Merlin@home service need to make sure the transmitter is plugged in and powered on, and that it’s connected to a land line or cellular service to receive the update. According to St. Jude Medical, the update includes additional “validation and verification” features for the communication between the Merlin@home transmitter and the Merlin.net online service. Additional updates will be distributed throughout 2017.

“The FDA has reviewed St. Jude Medical’s software patch to ensure that it addresses the greatest risks posed by these cybersecurity vulnerabilities, and reduces the risk of exploitation and subsequent patient harm,” the FDA added. “The FDA conducted an assessment of the benefits and risks of using the Merlin@home Transmitter, and has determined that the health benefits to patients from continued use of the device outweigh the cybersecurity risks.”

The Merlin@home transmitter is used to collect information from the patient’s implant, and to send the data to caregivers through the online Merlin.net network. In turn, physicians can keep track of the device and make necessary changes without the need for an office visit.

Kevin Parrish
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
GlassesUSA Black Friday Sale: Get 30% off prescription glasses
GlassesUSA frames close up with multiple styles.

Need a new pair of glasses? Want to stock up for your holiday trips before you head to meet up with your relatives? Typically, you'd have to wait until the official Black Friday event, the day after Thanksgiving, or maybe even Cyber Monday, but that's not the case this year. Alongside a variety of the best online glasses deals, GlassesUSA is hosting a huge Black Friday sale early, allowing you to save big on prescription glasses and frames with no waiting necessary. Of course, we always recommend browsing the sale of your own accord to see what's discounted because we couldn't possibly cover everything, nor could we know precisely what you're looking for. That said, we've called out quite a few of the best deals below.

Shop Now

Read more
The best DNA testing kit Black Friday deals you can shop now
Daughter gifting Ancestry Gift Membership to family

DNA tests are awesome holiday gifts for your family. Together you can all build your family tree and discover your genetic makeup. Unfortunately the tests are pretty expensive, but at least you only need to test once. There are some nice Black Friday deals going on today that will save you a significant amount of money on single tests or bundles. Check out our favorite below, then more more deals worth checking out under that.
The best DNA testing kit Black Friday deal
AncestryDNA Genetic Test Kit -- $59, was $99

The single person AncestryDNA Genetic Test Kit is our pick for the best Black Friday deal already available. The kit normally costs $99, but right now it's down to just $59. That's a nice discount of $30 on one of the best DNA tests available. We're not sure how long this deal will last, so you should grab it soon.

Read more
The 5 best DNA test kits for 2024
We spit in a ton of test tubes to find the best and most unique DNA tests
A 23andme DNA kit.

Despite the fact that tons of competitors have sprung up in recent years, 23AndMe still makes the best DNA test on the market. It's the quickest, it's very comprehensive, and the way the company presents your genetic data is simple and easy to digest. However, depending on what kind of information you're looking for, there are other, more specialized DNA tests that might be better suited for you. Whether it's ancestry, fitness, disease risk, or something else entirely, there's likely a DNA kit that'll uncover that data.

With the rising popularity of these tests, we decided to take a closer look and see which ones are worth the investment. To do this, we secured a mail-in kit from as many DNA testing services as we could find, then shipped them a spit tube full of our precious genetic code for analysis. After looking through all the data and personally trying all of these services, there were a few that stood out from the pack. Here are our favorites:
The best DNA test kit in 2024

Read more