Latest News

Could someone hack your pacemaker? FDA is recalling 465,000 of them due to that risk

Thousands of pacemakers recalled due to hacking concerns

The FDA has recalled 465,000 radio frequency-enabled implantable pacemakers due to the risk they could be hacked and their settings changed. The fix? A firmware update.
Up Next
The FDA has recalled 465,000 radio frequency-enabled implantable pacemakers due to the risk they could be hacked and their settings changed. The fix? A firmware update.

The U.S. Food and Drug Administration (FDA) is recalling nearly 500,000 pacemakers — the device that controls one’s heartbeat — citing concerns that they are vulnerable to hacking.

The FDA issued the recall Tuesday for 465,000 pacemakers created by health company Abbott Laboratories (formerly St. Jude Medical).

There are six types of pacemakers, all radio-controlled, affected by the recall, according to The Guardian.

“The pacemaker devices to which this update applies include the RF telemetry versions of the following devices in the U.S.: Accent SR RF™, Accent MRI™, Assurity™, Assurity MRI™, Accent DR RF™, Anthem RF™, Allure RF™, Allure Quadra RF™, and Quadra Allure MP RF™,” read the St. Jude Medical website.

Officials at the FDA are concerned that security loopholes could let hackers gain access to pacemakers, possibly allowing them to change the settings, or turn the devices off altogether, according to Pix11.

“As medical devices become increasingly interconnected via the Internet, hospital networks, other medical devices, and smartphones, there is an increased risk of exploitation of cybersecurity vulnerabilities,” the FDA’s recall read.

Hacking a pacemaker to change the pace of someone’s heartbeat could, at worst, result in death, according to The Guardian.

A healthcare provider can install a firmware update in 3 minutes that should address any cyber security vulnerabilities, according to Engadget.

Of the 465,000 affected devices in the United States, there are “no known reports of patient harm related to the cybersecurity vulnerabilities,” the FDA wrote.

A representative from the company that makes the pacemakers said in an email that this is not a recall, but instead just a “firmware update” that can be applied to the pacemakers in question.

Concerns about the safety of pacemakers are far from new.

MedSec, a cybersecurity firm that researches potential vulnerabilities in medical devices, first discovered the issue with the pacemakers, according to The Guardian.

In 2012, a former hacker named Barnaby Jack proved he could reverse engineer a pacemaker, forcing it to release multiple 830 volt shocks, according to Engadget. A year later, the FDA warned that pacemakers could be connected to networks vulnerable to hacking.

For more information, visit the St. Jude Medical website.

Related stories from McClatchy DC

  Comments