Medtronic MiniMed 600 Insulin Pump Has Potentially Deadly Cybersecurity Problem, FDA Warns
Federal regulators are warning about yet another problem with the Medtronic MiniMed 600 insulin pump, indicating that the system may have a cybersecurity flaw that could be exploited to deadly consequences.
The U.S. Food and Drug Administration (FDA) issued a cybersecurity warning on September 20, alerting medical device users that the Medtronic MiniMed 600 Series Insulin Pump System has a communication protocol that could allow unauthorized use. The agency warns this exploit could be used to cause the pumps to deliver too much, or too little, insulin, which could prove fatal.
The Medtronic MiniMed insulin pumps are small, computerized devices that deliver insulin to diabetic patients throughout the day via a catheter implanted under the skin. They are wirelessly connected to both a monitoring system to track glucose levels, as well as a remote controller designed to communicate with the pump and deliver a specific amount of insulin.
Due to a serious of design problems, Medtronic’s MiniMed 600 series models and the MiniMed 780G models have been subject to a series of recalls in 2009, 2013, 2014, 2017, 2020, and 2021. According to the FDA, more than 26,000 complaints involving problems with the insulin pumps have been identified.
As a result of the manufacturers’ failure to properly design and test these critical drug delivery pumps, Medtronic MiniMed lawsuits are now being pursued on behalf of patients of suffered serious injury or death when they received too much or too little insulin.
Learn More About Medtronic MiniMed lawsuits
Recalled Medtronic MiniMed insulin pumps have been linked to reports of hypoglycemia, hyperglycemia and other serious injuries.
Previous Medtronic insulin pump problems involved devices with retainer ring defects, which failed to lock the insulin cartridge in place. These defects have caused problems with under dosing or overdosing of insulin, which may be responsible for 2,175 injuries and one death.
However, this latest FDA warning suggests the pump systems wireless communication software could be accessed by a nearby unauthorized user while the pump is paired with other system components like continuous glucose monitoring systems, blood glucose meters and CareLink USB devices.
The FDA noted it is not aware of any incidents where this cybersecurity flaw has been exploited. However, the warning indicates the agency is working with Medtronic to identify the weaknesses, figure out what needs to be to secure the system, and make sure healthcare personnel and medical device users are aware of the problem. The agency says it will keep the public informed if significant new information becomes available.
Those with questions about the MiniMed cybersecurity risks can call Medtronic at 1-800-646-4633. Adverse events should be reported to the FDA’s MedWatch Adverse Event Reporting Program.
"*" indicates required fields
More Top Stories
A wrongful death lawsuit claims Enfamil caused necrotizing enterocolitis in a preterm infant while she was NICU, resulting in her death after doctors determined her intestines were "non-salvageable."
State courts are being flooded with thousands of lawsuits over Zantac cancers which have not been included in the consolidated federal Multidistrict Litigation.
The side effects of Gardasil led to the death of a 13-year-old boy, according to a wrongful death lawsuit filed by his parents.