KXIP vs KKR Live Score

No actual remote attacks on these devices are known to have occurred. The letter instructed Abbott to resolve the cybersecurity concerns within the devices or face further penalties.

Medical device maker Abbott on Monday announced it is voluntarily recalling some 465,000 pacemakers to install a firmware update to patch cybersecurity vulnerabilities in the devices.

However, since then the firm has been forced to address some of the issues highlighted by MedSec by releasing security fixes for some products, as it did in January.

BACKGROUND: Many medical devices - including St. Jude Medical's implantable cardiac pacemakers - contain configurable embedded computer systems that can be vulnerable to cybersecurity intrusions and exploits.

The FDA alert says the recall involves implantable cardiac pacemakers, including cardiac resynchronization therapy pacemakers under the names Accent, Anthem, Accent MRI, Accent ST, Assurity and Allure. The software patch uploaded automatically and applied to patients with pacemakers and implantable defibrillators.

The FDA notes that on August 23, it approved the firmware update "that is now available and is intended as a recall, specifically a corrective action, to reduce the risk of patient harm due to potential exploitation of cybersecurity vulnerabilities for certain Abbott pacemakers".

The FDA signed off on the update last week, clearing healthcare providers to start moving their patients over to the new firmware.

Abbott has released a software security update to protect its cardiac pacemakers from hacking.

The patch comes eight months after Abbott released an update meant to fix a vulnerability with the device now providing pacemaker authorization, namely Merlin@home Transmitter. Abbott described the full update process in a Dear Doctor letter issued August 28, according to a safety update issued by the FDA. The device will run on backup mode during the process, but all life-sustaining features will still be available.

Patients' devices will be updated with the new battery alert automatically. The FDA and Abbott do not recommend the removal and replacement of affected pacemakers and suggest that the risks of cybersecurity be discussed between patients and their providers.

However, the FDA warned of a potential - but very small - update failure which could result in: reloading of the previous firmware version; loss of programmed settings; loss of diagnostic data; or complete loss of device functionality. In some cases, the risks may necessitate the performance of the procedure at a facility with a temporary pacemaker generator.


COMMENTS