The U.S. Food and Drug Administration has issued new advice about how to safeguard implantable cardiac devices against hackers.
A wireless transmitter used to transmit data from cardiac devices to medical providers, the Merlin@home Transmitter made by St.Jude Medical was found to be vulnerable to online hacking, the FDA said.
While no hacking event has been reported, the possibility of tampering was so concerning St. Jude Medical worked with the FDA and the Department of Homeland Security to develop a software patch, which was released yesterday, to help protect the device and patients using it from hacking.
“Many medical devices —- including St. Jude Medical’s implantable cardiac devices —- contain configurable embedded computer systems that can be vulnerable to cybersecurity intrusions and exploits,” FDA officials said in a statement yesterday.
The transmitter is placed in the home and can be used to monitor a variety of implantable cardiac devices including pacemakers, defibrillators or resynchronization devices and send health data back to a medical provider or the patient. The transmitter also allows doctors to change the device settings remotely.