FDA Issues Recall on Pacemakers Due to Security Vulnerabilities

FDA Issues Recall on Pacemakers Due to Security Vulnerabilities

The FDA issued a security advisory, warning that the pacemakers must be recalled on a voluntary basis. The devices are much “smarter” than previous models, opening up the possibilities of being tampered with by cyber criminals.

  • Aug 31, 2017

Pacemakers by Abbott (formerly St. Jude Medical) have been recalled by the U.S. Food and Drug Administration due to security vulnerabilities – prompting an estimated 465,000 patients with heart conditions across the country to need to visit their doctor to have theirs updated.

The FDA issued a security advisory, warning that the pacemakers must be recalled on a voluntary basis. The devices are much “smarter” than previous models, opening up the possibilities of being tampered with by cyber criminals.

The pacemakers need to be given a firmware update to protect them against vulnerabilities which could drain battery life, allow hackers to change programmed settings or even change its beats and rhythm.

This poses a problem – seeing as the recalled devices are embedded in patients’ chests.

In a letter sent to doctors, Abbott admitted that the update, approved by the FDA on August 23, could not be delivered over the air and will require about three minutes in the presence of the patient to download and install while in backup mode.

Patients are asked to contact their doctors to book themselves an appointment to get the update. However, in the letter, doctors are advised by Abbott to update only if it is "appropriate given the risk of update for the patient."

Patients with a RF-enabled St. Jude pacemaker or cardiac pacemaker, as well as healthcare professionals who are using these devices presently in hospitals to treat conditions including heart failure and irregular heart rhythms, must make sure a firmware update is applied to these devices. This specifically includes the Accent, Anthem, Accent MRI, Accent ST, Assurity and Allure models.

"The FDA reminds patients, patient caregivers, and health care providers that any medical device connected to a communications network (e.g. Wi-Fi, public or home Internet) may have cybersecurity vulnerabilities that could be exploited by unauthorized users," the FDA said in its announcement. "However, the increased use of wireless technology and software in medical devices can also often offer safer, more efficient, convenient, and timely health care delivery."

Featured

  • Creating More Versatility

    Today, AI has become top of mind for most security professionals. It is the topic of conversation in the technology world and continues to transform the way data is used to make important business decisions. Read Now

  • Report: 78 Percent of CISOs Seeing Significant Impact from AI-Powered Cyber Threats

    Darktrace recently unveiled its 2025 State of AI Cybersecurity report. The findings reveal that 78% of Chief Information Security Officers (CISOs) surveyed say that AI-powered threats are having a significant impact on their organizations, a 5% increase1 from 2024. While an increasing number of CISOs report feeling a significant impact from AI threats, more than 60% now say that they are adequately prepared to defend against these threats, an increase of nearly 15% year-over-year. However, insufficient AI knowledge and skills and a shortage of personnel and talent continue to be listed as the two top inhibitors to a successful defense. Read Now

  • Teaching AI New Tricks

    You have probably heard that AI-enabled security cameras are evolving the role of traditional surveillance cameras, shifting the focus from passive monitoring to active problem-solving and operational insights. AI technology changes fast, so what is new can be considered only news in just a few months. Read Now

  • From the Most Visible to the Less Apparent

    The Cybersecurity and Infrastructure Security Agency (CISA) states “There are 16 critical infrastructure sectors whose assets, systems, and networks, whether physical or virtual, are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, and national public health or safety or any combination thereof.” Read Now

Most   Popular

New Products

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises.

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities