recommended reading

Threatwatch

FDA Warns Nearly a Half Million Pacemakers Need Security Updates

Software vulnerability

The Food and Drug Administration on Monday warned about 465,000 pacemaker patients their medical devices could allow an unauthorized party to quickly deplete the device battery or adjust heart rates.

The agency does not recommend removing the devices and said no attacks of this flaw have been reported.

FDA said the security vulnerability affects certain models of the Abbott’s (formerly St. Jude’s) brand implantable pacemakers, devices which steady irregular heart beats with wires connected to hearts. The agency suggested patients with Accent, Anthem, Accent MRI, Accent ST, Assurity or Allure models should visit their doctors to determine whether they should apply the security patch—a process that takes about three minutes.

With any software update, there is a “very low risk” of malfunction, the alert said. Once installed, the FDA-approved update will require authentication from users trying to make changes.

sector

Healthcare and Public Health

reported

August 30, 2017

reported by

Law360

number affected

465,000

location of breach

Unknown

perpetrators

Unknown

location of perpetrators

Unknown

date breach occurred

Unknown

date breach detected

August 2016