Federal regulators said Monday that scores of pacemakers and implantable heart defibrillators made by St. Jude Medical are vulnerable to computer hacking, but a security patch is ready to address the problem.
On Monday, the U.S. Food and Drug Administration published a public safety notice confirming it is possible for a hacker to remotely compromise security in St. Jude’s wireless communication network and then secretly change commands in a pacemaker or implantable defibrillator while it’s still wired to a patient’s heart.
The potential for such attacks was first alleged by an investment firm last August. Such an attack could cause a lifesaving device to rapidly deplete its battery or give inappropriate electric shocks. However, federal officials stress there has never been a documented case of a cyberattack intended to harm a patient.