Johnson & Johnson is telling patients that it has learned of a security vulnerability in one of its insulin pumps that a hacker could exploit to overdose diabetic patients with insulin, though it describes the risk as low.Kudos to J&J - this is exactly how this sort of thing should be done. No stonewalling, just transparency on what the issue is with a fix available.
Medical device experts said they believe it was the first time a manufacturer had issued such a warning to patients about a cyber vulnerability, a hot topic in the industry following revelations last month about possible bugs in pacemakers and defibrillators.
J&J executives told Reuters they knew of no examples of attempted hacking attacks on the device, the J&J Animas OneTouch Ping insulin pump. The company is nonetheless warning customers and providing advice on how to fix the problem.
Wednesday, October 5, 2016
Johnson & Johnson insulin pump vulnerability
Johnson & Johnson has announced a vulnerability in one of their insulin pumps that could allow an attacker to change dosage levels: