Skip to main content

After an FDA probe, St. Jude rolls out an update fixing the Merlin@home issue

1129714 autosave v1 hackers22
Shutterstock
St. Jude Medical stated on January 9 that it has begun deploying security updates to its Merlin.net Patient Care Network system. Reports surfaced in late 2016 that the Merlin@home transmitter used to monitor specific St. Jude Medical implanted devices could be hacked and potentially used to kill the patient. The implants in question span pacemakers (Assurity and Endurity) and Implantable Cardioverter Defibrillators (Ellipse and Fortify Assura).

Reports of the vulnerability prompted an investigation by the U.S. Food and Drug Administration, and a new warning about the potential hazards until the problem is resolved by St. Jude Medical. However, while the implants are radio frequency-enabled, they don’t connect directly to the internet through Wi-Fi.

Recommended Videos

Instead, they can be accessed through the Merlin@home monitor or in-office medical diagnostic equipment. The underlying problem is that the Merlin@home device does connect to the internet.

Please enable Javascript to view this content

The FDA, through its investigation, confirmed that a hacker could remotely access the Merlin@home transmitter and alter the device to gain complete control. After that, the hacker could use the transmitter to silently reprogram the patient’s implant, leading to a faster battery depletion, incorrect pacing, or unnecessary shocks, depending on the implant.

“Many medical devices—including St. Jude Medical’s implantable cardiac devices—contain configurable embedded computer systems that can be vulnerable to cybersecurity intrusions and exploits,” the FDA said on Monday. “As medical devices become increasingly interconnected via the Internet, hospital networks, other medical devices, and smartphones, there is an increased risk of exploitation of cybersecurity vulnerabilities, some of which could affect how a medical device operates.”

St. Jude Medical said that it’s not aware of any cybersecurity incidents related to its devices in the United States. It’s also not aware of any specific St. Jude Medical device or system used in clinics that has been specifically targeted. And while hackers intentionally going after St. Jude Medical devices is highly unlikely, the company is making its current update public knowledge so that patients can rest assured their implants are safe from any outside modifications.

“We’ve partnered with agencies such as the U.S. Food and Drug Administration (FDA) and the U.S. Department of Homeland Security Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) unit, and are continuously reassessing and updating our devices and systems, as appropriate,” said Phil Ebeling, vice president and chief technology officer at St. Jude Medical.

Patients relying on the Merlin@home service need to make sure the transmitter is plugged in and powered on, and that it’s connected to a land line or cellular service to receive the update. According to St. Jude Medical, the update includes additional “validation and verification” features for the communication between the Merlin@home transmitter and the Merlin.net online service. Additional updates will be distributed throughout 2017.

“The FDA has reviewed St. Jude Medical’s software patch to ensure that it addresses the greatest risks posed by these cybersecurity vulnerabilities, and reduces the risk of exploitation and subsequent patient harm,” the FDA added. “The FDA conducted an assessment of the benefits and risks of using the Merlin@home Transmitter, and has determined that the health benefits to patients from continued use of the device outweigh the cybersecurity risks.”

The Merlin@home transmitter is used to collect information from the patient’s implant, and to send the data to caregivers through the online Merlin.net network. In turn, physicians can keep track of the device and make necessary changes without the need for an office visit.

Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
The best health and fitness apps for iPhone in 2025: 15 best ones
Apple's Fitness app on the iPhone 14 Pro.

"Fitness" can mean a lot of things. For some people, it's being able to run far or fast. For others, it's being able to lift heavy things and lower them back down again. Others may simply want to keep trim or eat healthily. It may even mean getting a great night's sleep, or making sure your mental wellness is at its best. Whatever fitness means for you, we have a list of apps that cover all the possible bases. These apps excel in a number of different areas, but what they all generally have in common is that they use iOS' powerful tech to monitor and analyze your performance. As a result, they can help you progress along your fitness journey.

With 2025 now upon us, getting in shape -- and staying in shape -- is at the top of your list of New Year's resolutions. These apps will help you kick the new year off on a good foot and maintain your physical fitness for the rest of the year and every year after. You can pair the apps with other tech for best results, so make sure to check out our lists of the best fitness trackers and the best running headphones. Here are the best fitness apps for the iPhone in 2025.
Apple Fitness

Read more
GlassesUSA Black Friday Sale: Get 30% off prescription glasses
GlassesUSA frames close up with multiple styles.

Need a new pair of glasses? Want to stock up for your holiday trips before you head to meet up with your relatives? Typically, you'd have to wait until the official Black Friday event, the day after Thanksgiving, or maybe even Cyber Monday, but that's not the case this year. Alongside a variety of the best online glasses deals, GlassesUSA is hosting a huge Black Friday sale early, allowing you to save big on prescription glasses and frames with no waiting necessary. Of course, we always recommend browsing the sale of your own accord to see what's discounted because we couldn't possibly cover everything, nor could we know precisely what you're looking for. That said, we've called out quite a few of the best deals below.

What to shop in the early GlassesUSA Black Friday sale
Rightfully dubbed the Black Friday Early Bird sale, now's an excellent time to save up to 30% on prescription glasses. Moreover, GlassesUSA is truly dedicated to helping you find the perfect pair. Not only are there a ton of brands and styles to choose from, but you'll benefit from free shipping and returns and a money-back guarantee if you're not satisfied. You can even take to find the correct pair for your face. Ray-Ban, Oakley, DKNY, Prada, Ottoto, Muse, they are all here and available to shop, most discounted even. Men's and Women's eyewear are on sale, too, so there's something for everyone.

Read more
The best DNA testing kit Black Friday deals you can shop now
Daughter gifting Ancestry Gift Membership to family

DNA tests are awesome holiday gifts for your family. Together you can all build your family tree and discover your genetic makeup. Unfortunately the tests are pretty expensive, but at least you only need to test once. There are some nice Black Friday deals going on today that will save you a significant amount of money on single tests or bundles. Check out our favorite below, then more more deals worth checking out under that.
The best DNA testing kit Black Friday deal
AncestryDNA Genetic Test Kit -- $59, was $99

The single person AncestryDNA Genetic Test Kit is our pick for the best Black Friday deal already available. The kit normally costs $99, but right now it's down to just $59. That's a nice discount of $30 on one of the best DNA tests available. We're not sure how long this deal will last, so you should grab it soon.

Read more