The US Food and Drug Administration (FDA) has issued a warning to patients and healthcare providers that certain Medtronic MiniMed some insulin pumps carry cybersecurity risks.
The alert reads, in part, as follows:
“The FDA has become aware than an unauthorized person (someone other than a patient, patient caregiver, or health care provider) could potentially connect wirelessly to a nearby MiniMed insulin pump with cybersecurity vulnerabilities and change the pump’s settings to either over-deliver insulin to a patient, leading to low blood sugar (hypoglycemia), or stop insulin delivery, leading to high blood sugar and diabetic ketoacidosis.”
Both conditions are life-threatening, so this alert should be taken seriously.
For their part, Medtronic is recalling the following MiniMed pumps and providing alternative pumps to impacted patients:
- The MiniMed 508 (all versions)
- The MiniMed Paradigm 511 (all versions)
- The MiniMed Paradigm 512/712 (all versions)
- The MiniMed Paradigm 515/715 (all versions)
- The MiniMed Paradigm 522/722 (all versions)
- The MiniMed Paradigm 522K/722K (all versions)
- The MiniMed Paradigm 523/723 (version 2.4A or lower)
- The MiniMed Paradigm 523K/723K (version 2.4A or lower)
- The MiniMed Paradigm 712E (all versions)
- The MiniMed Paradigm Veo 544CM/754CM (version 2.7A or lower)
- The MiniMed Paradigm Veo 554/754 (version 2.6A or lower)
It should be noted that to date, the FDA has not been made aware of any reports of hackers gaining unauthorized access to insulin pumps and changing settings. Even so, given the presence of these vulnerabilities, it’s just a matter of time and the consequences could be lethal.
If you or any member of your family is currently using one of the devices mentioned above, please get in touch with Medtronic right away. Make arrangements to have a replacement insulin pump sent to you. It’s not worth the risk to do anything less.