
Medtronic advises that two product lines of there are vulnerable to a RF-based attack that could result in changes to insulin delivery.
The MiniMed 508 and MiniMed Paradigm series of insulin pumps are vulnerable.
Medtronic advises that any patients using affected devices should contact their medical practitioner and until remedial work has been completed to observe the following guidelines.
- Keep your insulin pump and devices connected to your pump within your control at all times.
- Keep your pump serial number secure.
- Be attentive to pump notifications, alarms, and alerts.
- Immediately cancel any unintended boluses.
- Monitor your blood glucose levels closely and act as appropriate.
- Do not connect to any third-party devices or use any software not authorized by Medtronic.
- Disconnect your CareLink™ software USB device from your computer when it is not being used to download data from your pump.
- Get medical help right away if you experience symptoms of severe hypoglycemia or diabetic ketoacidosis, or suspect that your insulin pump settings, or insulin delivery changed unexpectedly.
The following pump models are vulnerable:
Insulin Pump | Software Versions |
MiniMed™ 508 pump | All |
MiniMedTM ParadigmTM 511 pump | All |
MiniMedTM ParadigmTM 512/712 pumps | All |
MiniMedTM ParadigmTM 712E pump | All |
MiniMedTM ParadigmTM 515/715 pumps | All |
MiniMedTM ParadigmTM 522/722 pumps | All |
MiniMedTM ParadigmTM 522K/722K pumps | All |
MiniMedTM ParadigmTM 523/723 pumps | 2.4A or lower |
MiniMedTM ParadigmTM 523K/723K pumps | 2.4A or lower |
MiniMedTM Paradigm™ Veo™ 554/754 pumps | 2.6A or lower |
MiniMedTM Paradigm™ Veo™ 554CM/754CM pumps | 2.7A or Lower |
The official announcement from Medtronic can be found here.