The recall affects 11 models in Fridley, Minn.-based Medtronic’s line of MiniMed 508, MiniMed Paradigm and MiniMed Paradigm Veo pumps, according to the FDA. Medtronic said the pumps are designed to wirelessly communicate with other devices such as glucose meters, glucose sensor transmitters and its own CareLink USB devices.
“Security researchers have identified potential cybersecurity vulnerabilities related to these insulin pumps. An unauthorized person with special technical skills and equipment could potentially connect wirelessly to a nearby insulin pump to change settings and control insulin delivery. This could lead to hypoglycemia (if additional insulin is delivered) or hyperglycemia and diabetic ketoacidosis (if not enough insulin is delivered),” Medtronic said in a field alert dated today.
There have been no confirmed reports of unauthorized hackers changing settings or controlling insulin delivery, the company said. Patients using the pumps listed below are advised to switch to devices “that are better equipped to protect against these potential risks,” the federal safety watchdog said.
Here is a list of the affected devices:
|Pump Model||Software Version|
|MiniMed™ 508||All versions|
|MiniMed™ Paradigm™ 511||All versions|
|MiniMed™ Paradigm™ 512/712||All versions|
|MiniMed™ Paradigm™ 515/715||All versions|
|MiniMed™ Paradigm™ 522/722||All versions|
|MiniMed™ Paradigm™ 522K/722K||All versions|
|MiniMed™ Paradigm™ 523/723||Version 2.4A or lower|
|MiniMed™ Paradigm™ 523K/723K||Version 2.4A or lower|
|MiniMed™ Paradigm™ 712E*||All versions|
|MiniMed™ Paradigm™ Veo 554CM/754CM*||Version 2.7A or lower|
|MiniMed™ Paradigm™ Veo 554/754*||Version 2.6A or lower|