According to recent news reports, 465,000 Abbott pacemakers were voluntarily recalled by the company because of vulnerabilities that hackers could exploit. The recall was issued for the affected devices to encourage patients to update them with the latest software version, which is designed to fix the dangerous vulnerabilities.
Why The Vulnerabilities Are Dangerous
There were no documented cases of Abbott pacemakers being accessed by unauthorized users. However, experts confirmed that possible exploits could be performed by using extensive and complex methods. Data experts said that someone accessing a device could control and alter its operations. Unauthorized use could also result in a fast-draining battery. Both risks put the lives of people who depend on their pacemakers at risk.
What The Recall Means For Patients
The good news about the recall is that patients who have had an affected device implanted will not need surgery to have it removed. To update the software and fix the vulnerabilities, patients must visit their health providers in person. Another piece of good news is that the update only takes about five minutes to complete.
The company used to operate under the name of St. Jude Medical. Anyone who had one of the following pacemakers implanted from Abbott or St. Jude Medical should contact their health care provider:
- Accent ST
- Accent MRI
In most cases, the risks associated with a security breach pose a bigger threat to the health of a patient than a software update. However, every medical procedure comes with one or more risks. Patients who have one of the above-listed devices should discuss the process of a software update with their personal physician. Discussing the update process with a physician was also strongly recommended by officials from the Department of Homeland Security who warned that foreign hackers could try to gain access to devices to extort money or other assets from people.
About The Recall
A cybersecurity firm called MedSec found the vulnerabilities and brought them to the attention of Abbott. The company had recently purchased St. Jude Medical and renamed it. There was a similar pacemaker issue before St. Jude Medical was bought. MedSec is known for its unconventional approaches to cybersecurity. While the company acknowledged that its selling of information as a form of bringing attention to the issue was not a traditional method, MedSec remains committed to making medical devices and systems safer as technology advances every day. However, Abbott issued a statement assuring patients that hacking risks were low enough to not spur immediate action. In cooperation with the FDA and its recommendations, Abbott continues to encourage patients to talk to their doctors about software updates during their next scheduled checkup or routine visit.
The Food and Drug Administration is overseeing the recall efforts and software updates. A representative from Abbott warned that all industries should remain vigilant to watch for indications of unauthorized pacemaker access. Since the process of watching for such issues is not simple or streamlined, Abbott is taking aggressive and proactive steps to advance its security as hackers continually become more sophisticated.
Learn more about Medical Device News.