Medtronic (NYSE:MDT) today recalled two models of its MiniMed insulin pumps after researchers discovered cybersecurity risks that could allow a hacker to take control of the devices.
The recall affects 11 models in Fridley, Minn.-based Medtronic’s line of MiniMed 508, MiniMed Paradigm and MiniMed Paradigm Veo pumps, according to the FDA. Medtronic said the pumps are designed to wirelessly communicate with other devices such as glucose meters, glucose sensor transmitters and its own CareLink USB devices.
“Security researchers have identified potential cybersecurity vulnerabilities related to these insulin pumps. An unauthorized person with special technical skills and equipment could potentially connect wirelessly to a nearby insulin pump to change settings and control insulin delivery. This could lead to hypoglycemia (if additional insulin is delivered) or hyperglycemia and diabetic ketoacidosis (if not enough insulin is delivered),” Medtronic said in a field alert dated today.
There have been no confirmed reports of unauthorized hackers changing settings or controlling insulin delivery, the company said. Patients using the pumps listed below are advised to switch to devices “that are better equipped to protect against these potential risks,” the federal safety watchdog said.
Here is a list of the affected devices:
| Pump Model | Software Version |
|---|---|
| MiniMed™ 508 | All versions |
| MiniMed™ Paradigm™ 511 | All versions |
| MiniMed™ Paradigm™ 512/712 | All versions |
| MiniMed™ Paradigm™ 515/715 | All versions |
| MiniMed™ Paradigm™ 522/722 | All versions |
| MiniMed™ Paradigm™ 522K/722K | All versions |
| MiniMed™ Paradigm™ 523/723 | Version 2.4A or lower |
| MiniMed™ Paradigm™ 523K/723K | Version 2.4A or lower |
| MiniMed™ Paradigm™ 712E* | All versions |
| MiniMed™ Paradigm™ Veo 554CM/754CM* | Version 2.7A or lower |
| MiniMed™ Paradigm™ Veo 554/754* | Version 2.6A or lower |
I have and been using Medtronic Insulin Pump,ref mmt 723RNAS, SN PAR814897U. Is this unit involved in the cybo security threat???
Please advise what actions if any I must take????
Thanks, Phil Reitz.
Paradigm pump recalls for the 723 is based on your software version. Go to your status screen (press esc from home screen) and scroll down to the bottom. The last line is software version. If you have 2.4A or lower you are in the recall. If your software version in higher it is still safe (for now). Go to the MiniMed website for the patient letter. And you should never give your serial number out like you just did above. Hackers must have your serial number to communicate with your pump. Be safe!