Home / Entertainment / FDA confirms that St. Jude cardiac devices contain hacking vulnerabilities; company issues patch

FDA confirms that St. Jude cardiac devices contain hacking vulnerabilities; company issues patch

As more companies rush to make every single item connected, the threat of hackers compromising these systems also increases. But it’s not just smart home products that are at risk; the Food and Drug Administration has issued a warning over cybersecurity vulnerabilities found in cardiac devices such as pacemakers.

The FDA notice states that the problem is related to the Merlin@home Transmitters manufactured by St. Jude Medical. They are part of a home monitoring system that transmits and receives RF signals used to wirelessly connect to implanted cardiac devices and read their stored data.

Engadget reports that once the Merlin accesses the information stored on a pacemaker, it’s uploaded to the Merlin.net Patient Care Network, where medical staff can access and monitor the device and the patient’s health.

The FDA notice doesn’t go into specifics, but it does warn that if the vulnerabilities in the Merlin were exploited, hackers could “modify programming commands to the implanted device, which could result in rapid battery depletion and/or administration of inappropriate pacing or shocks.”

The note emphasizes that there have been no reports of the devices being hijacked, and St. Jude Medical has developed a patch that fixes the security issues. It started rolling out yesterday and will be automatically applied over-the-air to affected Merlin products – just make sure they’re switched on and connected to the network.

The move follows months of denials by St. Jude that its heart implants contain any security vulnerabilities. Last year, Muddy Waters – an investment house founded by Carson Block – published a report claiming St. Jude’s devices could be hacked. St. Jude called the claims “false and misleading,” before launching legal action against the company.

In a statement, Block said the FDA’s announcement “vindicates” the firm’s research. “It also reaffirms our belief that had we not gone public, St. Jude would not have remediated the vulnerabilities,” Block said. “Regardless, the announced fixes do not appear to address many of the larger problems, including the existence of a universal code that could allow hackers to control the implants.”

Share this article:

About SEO Master

SEO MASTER Is A Web Developer, SEO Expert, Designer & Marketer Working From Last (3.50) Years On The Internet And Managing Several Successful Websites. !You Can Contact Us Via: --------- Skype : BLock Ho gaye ------------------ Email : Jal Gaye ------------- Cell No : Gum Ho Giya Hai..

Check Also

Nintendo Switch details: $300, March 3 release, online service requires paid subscription, more


Nintendo finally revealed some, though not all, of the Nintendo Switch’s details during a livestream event last night. We now know that the console will cost $299.99 in North America, launches worldwide on March 3, and requires a subscription for multiplayer games.

Read Entire ArticleRead Comments

email-thumsup