The US FDA (Food and Drug Administration) has warned users of Medtronic’s MiniMed 600 Series Insulin Pump System—specifically, models for MiniMed 630G and MiniMed 670G—that their medical devices have a cybersecurity issue with its communication protocol. If compromised, attackers could gain unauthorized access to the pump system itself, and alter it to deliver too much or too little insulin to the patient.

360 Mobile Vision - North & South Carolina Security products and Systems Installations for Commercial and Residential - $55 Hourly Rate. ACCESS CONTROL, INTRUSION ALARM, ACCESS CONTROLLED GATES, INTERCOMS AND CCTV INSTALL OR REPAIR 360 Mobile Vision - is committed to excellence in every aspect of our business. We uphold a standard of integrity bound by fairness, honesty and personal responsibility. Our distinction is the quality of service we bring to our customers. Accurate knowledge of our trade combined with ability is what makes us true professionals. Above all, we are watchful of our customers interests, and make their concerns the basis of our business.

Because the MiniMed 600 series devices have components (the insulin pump, the blood glucose meter, the continuous glucose monitoring transmitter, and the CareLink USB device) that communicate wirelessly, nearby attackers could gain unauthorized access to them when the pump is paired with these components. Medtronic clearly stated that such an attack could not be done over the internet.

“Medtronic has no evidence to date that such an issue has occurred,” the company’s Urgent Medical Device Correction notification page states. “However, in the unlikely event that unauthorized access would be successful, the access could be used to deliver too much or too little insulin through delivery of an unintended insulin bolus or because insulin delivery is slowed or stopped. Too much insulin could result in hypoglycemia (low blood sugar) which can potentially lead to seizure, coma or death. Too little insulin could result in hyperglycemia (high blood sugar) which can potentially lead to diabetic ketoacidosis.”

The FDA continues to work with Medtronic to identify, communicate, and prevent the devices’ vulnerability effects. Medtronic advises taking action and the necessary precautions to avoid being at risk. First, the company advises users to turn off the “Remote Bolus” feature of the pump, which is on by default.

The company also reminded users to keep their insulin pump and its components within their control at all times, never confirm connection requests on the pump screen unless initiated by them or their care partner, and not share their insulin pump’s or device’s serial numbers with anyone but their healthcare provider, distributor, and Medtronic. A detailed list of precautions can be found on this page.

By admin