Medtronic MiniMed 600 Insulin Pump Has Potentially Deadly Cybersecurity Problem, FDA Warns

New warning is the latest problem linked to Medtronic MiniMed 600 insulin pumps, which have been subject to a series of recalls in recent years, and blamed for thousands of serious injuries.

Federal regulators are warning about yet another problem with the Medtronic MiniMed 600 insulin pump, indicating that the system may have a cybersecurity flaw that could be exploited to deadly consequences.

The U.S. Food and Drug Administration (FDA) issued a cybersecurity warning on September 20, alerting medical device users that the Medtronic MiniMed 600 Series Insulin Pump System has a communication protocol that could allow unauthorized use. The agency warns this exploit could be used to cause the pumps to deliver too much, or too little, insulin, which could prove fatal.

The Medtronic MiniMed insulin pumps are small, computerized devices that deliver insulin to diabetic patients throughout the day via a catheter implanted under the skin. They are wirelessly connected to both a monitoring system to track glucose levels, as well as a remote controller designed to communicate with the pump and deliver a specific amount of insulin.

Due to a serious of design problems, Medtronic’s MiniMed 600 series models and the MiniMed 780G models have been subject to a series of recalls in 2009, 2013, 2014, 2017, 2020, and 2021. According to the FDA, more than 26,000 complaints involving problems with the insulin pumps have been identified.

As a result of the manufacturers’ failure to properly design and test these critical drug delivery pumps, Medtronic MiniMed lawsuits are now being pursued on behalf of patients of suffered serious injury or death when they received too much or too little insulin.

Previous Medtronic insulin pump problems involved devices with retainer ring defects, which failed to lock the insulin cartridge in place. These defects have caused problems with under dosing or overdosing of insulin, which may be responsible for 2,175 injuries and one death.

However, this latest FDA warning suggests the pump systems wireless communication software could be accessed by a nearby unauthorized user while the pump is paired with other system components like continuous glucose monitoring systems, blood glucose meters and CareLink USB devices.

The FDA noted it is not aware of any incidents where this cybersecurity flaw has been exploited. However, the warning indicates the agency is working with Medtronic to identify the weaknesses, figure out what needs to be to secure the system, and make sure healthcare personnel and medical device users are aware of the problem. The agency says it will keep the public informed if significant new information becomes available.

Those with questions about the MiniMed cybersecurity risks can call Medtronic at 1-800-646-4633. Adverse events should be reported to the FDA’s MedWatch Adverse Event Reporting Program.

0 Comments

"*" indicates required fields

Share Your Comments

I authorize the above comments be posted on this page*

Have Your Comments Reviewed by a Lawyer

Provide additional contact information if you want an attorney to review your comments and contact you about a potential case. This information will not be published.

NOTE: Providing information for review by an attorney does not form an attorney-client relationship.

This field is for validation purposes and should be left unchanged.

More Top Stories