- The FDA is warning that certain Medtronic MiniMed insulin pumps have been recalled because of potential cybersecurity risks.
- Patients using the models are advised to switch to ones that better protect against risk.
- To date, the FDA is unaware of any confirmed reports of patient harm related to these risks.
- The potential risks pertain to the wireless communication between Medtronic's MiniMed insulin pumps and other devices such as blood glucose meters, continuous glucose monitoring systems, the remote controller, and CareLink USB device used with the pumps.
- The FDA is concerned that, due to cybersecurity vulnerabilities identified in the device, someone other than a patient, caregiver, or health care provider could connect wirelessly to a nearby MiniMed insulin pump and change the pump's settings, potentially resulting in insulin over- or underdelivery.
- The recalled insulin pumps are Medtronic's MiniMed 508 and MiniMed Paradigm series.
- Medtronic cannot adequately update those models with software or patch to ameliorate the vulnerabilities.
- Medtronic is providing patients with alternative insulin pumps with enhanced built-in cybersecurity capabilities.
- In the United States, Medtronic has identified 4000 patients potentially using affected insulin pumps and is working with distributors to identify additional users.