show image

Up to 745,000 pacemakers may be at risk of hacking

The US Food and Drugs Administration has urged patients who use certain Abbott pacemakers to visit their doctor to receive a software update that fixes security flaws.

The firm has said the flaws could leave the devices open to hacking. As many as 745,000 devices, which may be branded as St. Jude’s Medical, are affected, of which 280,000 are outside the US.

A spokesperson for the MHRA, the British healthcare regulator, said patients will have the opportunity to have their pacemaker’s software upgraded at their next scheduled clinic.

NHS England was not able to tell NS Tech how many of the affected Abbott pacemakers were in use in the UK.

Abbott said in a statement: “Abbott’s recommendation […] is that a patient have a conversation with their physician to determine if the update is right for them.”

It added that there have been no reports of unauthorized access to any patient’s implanted device.

“According to an advisory issued by the U.S. Department of Homeland Security, compromising the security of these devices would require a highly complex set of circumstances,” it said.

The FDA said in a statement that installing the updated firmware could potentially result in the following malfunctions:

  • Reloading of previous firmware version due to incomplete update (0.161 percent),
  • Loss of currently programmed device settings (0.023 percent),
  • Loss of diagnostic data (none reported), or
  • Complete loss of device functionality (0.003 percent).