Skip to main content

Massive Pacemaker Recall Over Hacking Threat

By September 19, 2017March 1st, 2023Cybersecurity

The FDA recently issued a recall order on nearly half a million pacemakers that have serious security flaws. They could allow hackers to take control of them, run their batteries dry or even modify a patient’s heartbeat, putting their lives at risk.

The recall order impacts six different types of pacemakers, manufactured by Abbott (formerly St. Jude Medical), and include the following models:

• Allure
• Assurity
• Accent ST
• Accent MIR
• Anthem
• Accent

The FDA had this to say in a related security advisory:

“Many medical devices, including St. Jude Medical’s implantable cardiac pacemakers, contain configurable embedded computer systems that can be vulnerable to cybersecurity intrusions and exploits. As medical devices become increasingly interconnected via the internet, hospital networks, other medical devices and smartphones, there is an increased risk of exploitation of cybersecurity vulnerabilities, some of which could affect how a medical device operates.”

This is something we’ve seen and written about before. Too few manufacturers of “smart” devices pay any attention to security, which makes the devices they sell almost laughably easy to hack and control.

Until we begin holding equipment manufacturers to account, they have no particular incentive to incorporate more robust security features. So far, customers haven’t been insisting on changes, which makes the FDA’s more active stance a welcome change indeed.

This, taken together with the fact that the government is considering implementing minimum security standards for any device they purchase, should at least begin to make smart device equipment manufacturers take notice and start implementing more robust security.

Unfortunately, where medical equipment is concerned, it’s entirely possible that hackers could literally kill someone by taking control of a device they rely on, so this matters a great deal.

In any case, if you have one of the pacemakers mentioned above installed, or if you know someone who does, be aware that you’ll need to get it replaced, or run the risk that a hacker could take control of your continued health and well-being.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.