FDA Recalls Medtronic Insulin Pump Controller, Cites Cybersecurity Risks

October 08, 2021 - The US Food and Drug Administration (FDA) issued a Class I recall on all Medtronic MiniMed remote controllers used with the Medtronic MiniMed 508 insulin pump or the MinMed Paradigm family of insulin pumps, citing significant cybersecurity concerns.

Medtronic urged users to immediately discontinue use, disconnect the remote controller, disable the remote feature, and return the controller to Medtronic. The remote controlled device allows users to communicate with the pump wirelessly to deliver a specific dose of insulin.

“An unauthorized person (someone other than a patient, patient caregiver, or health care provider) could potentially record and replay the wireless communication between the remote and the MiniMed insulin pump,” the FDA explained.

“Using specialized equipment, an unauthorized person could instruct the pump to either over-deliver insulin to a patient, leading to low blood sugar (hypoglycemia), or stop insulin delivery, leading to high blood sugar and diabetic ketoacidosis, even death.”

The FDA has not received any reports of patient harm related to the device. Individuals who own the device but never programmed a remote controller ID into the pump and never programmed the easy bolus option will not be impacted by the vulnerability.

“Medtronic first communicated this recall to some users in August 2018 with instructions on how to disable the remote bolus feature, when not in use, to protect the security of your insulin pump when using an optional remote controller which may be susceptible to a cybersecurity risk. At that time, only users whose pumps were under warranty received the recall notification.,” Medtronic explained in a statement.

“Additionally, after further review, Medtronic has determined that the potential risks associated with the MiniMed remote controller outweigh the benefits of its continued use. Therefore, we are providing updated instructions to further address this risk.”

The pump is vulnerable if an individual or caregiver manually enabled the remote option, the remote controller ID was registered to the pump, and the easy bolus option was turned on.  In addition, an unauthorized individual would need to be in close proximity of the pump user with the necessary equipment to copy activated RF signals.

In addition, the user would need to ignore the pump alerts, which indicate that medication is being delivered remotely, in order for the vulnerability to be a threat.

The FDA warned patients to immediately seek medical help if they have symptoms of diabetic ketoacidosis or severe hypoglycemia, or if they believe that their insulin pump settings changed unexpectedly.

The recall underscored the growing need to manage medical device security threats. McAfee researchers recently found significant vulnerabilities in two types of B. Braun infusion pumps, which posed similar threats.

The researchers discovered that malicious hackers could administer deadly doses of medications remotely through the infusion pump, creating a major gap in medical device security.

The FDA has previously called attention to the safety risks of infusion pumps. While they are convenient for administering frequent and accurate doses of life-saving medications, they can also be used as a weapon by bad actors.

The Medtronic recall may signify future FDA actions surrounding infusion pumps and the complicated cybersecurity vulnerabilities that they present.