FDA Warns Nearly a Half Million Pacemakers Need Security Updates

The Food and Drug Administration on Monday warned about 465,000 pacemaker patients their medical devices could allow an unauthorized party to quickly deplete the device battery or adjust heart rates.

The agency does not recommend removing the devices and said no attacks of this flaw have been reported.

FDA said the security vulnerability affects certain models of the Abbott’s (formerly St. Jude’s) brand implantable pacemakers, devices which steady irregular heart beats with wires connected to hearts. The agency suggested patients with Accent, Anthem, Accent MRI, Accent ST, Assurity or Allure models should visit their doctors to determine whether they should apply the security patch—a process that takes about three minutes.

With any software update, there is a “very low risk” of malfunction, the alert said. Once installed, the FDA-approved update will require authentication from users trying to make changes.