Medtronic is urgently recalling remote controllers for insulin pumps belonging to the ‘MiniMed Paradigm’ family of products, due to severe cybersecurity risks.
The controllers that should be returned to the vendor are models MMT-500 and MMT-503, used with Medtronic MiniMed 508 insulin pump and the MiniMed Paradigm family of insulin pumps.
These devices were sold in the United States between August 1999 and July 2018, and it is estimated that
there are 31,310 vulnerable units in use by diabetic patients in the country at the moment.
Insulin pumps are used for delivering insulin to diabetic users, while the remote controller aids in the wireless commanding of the device. It can be utilized to start, stop, or change the amount of insulin that is administered to the user.
A potentially deadly hack
The problem with these older remotes is that an unauthorized person could potentially record and replay the wireless communication signal that is generated when the user presses a button on the controller, sending commands directly to the insulin pump.
