Skip to content
The Mindanao Examiner Regional Newspaper

The Mindanao Examiner Regional Newspaper

Title

Name

Primary Menu
  • Home
  • Mindanao
  • Visayas
  • National
  • Features
  • Opinion
  • Business
  • International
  • SciTech
  • Health & Wellness
  • Sports
  • About Us
    • Regional Advertising Rates
    • Contact Us
    • Profile
  • Home
  • Featured
  • Insulin pump vulnerable to hacking, J&J warns people with diabetes – CBC News
  • Featured
  • Health

Insulin pump vulnerable to hacking, J&J warns people with diabetes – CBC News

Editor October 5, 2016
Johnson & Johnson is telling patients that it has learned of a security vulnerability in one of its insulin pumps that a hacker could exploit to overdose diabetic patients with insulin, though it describes the risk as low.
Medical device experts said they believe it was the first time a manufacturer had issued such a warning to patients about
a cyber vulnerability, a hot topic in the industry following revelations last month about possible bugs in pacemakers and
defibrillators.
J&J executives told Reuters they knew of no examples of attempted hacking attacks on the device, the J&J Animas OneTouch Ping insulin pump. The company is nonetheless warning customers and providing advice on how to fix the problem.

“The probability of unauthorized access to the OneTouch Ping system is extremely low,” the company said in letters sent on Monday to doctors and about 114,000 patients who use the device in the United States and Canada.

“It would require technical expertise, sophisticated equipment and proximity to the pump, as the OneTouch Ping system is not connected to the internet or to any external network.”
A copy of the text of the letter was made available to Reuters.
Insulin pumps are medical devices that patients attach to their bodies that injects insulin through catheters.
The Animas OneTouch Ping, which was launched in 2008, is sold with a wireless remote control that patients can use to order the pump to dose insulin so that they do not need access to the device itself, which is typically worn under clothing and can be awkward to reach.
Jay Radcliffe, a diabetic and researcher with cyber security firm Rapid7 Inc, said he had identified ways for a hacker to spoof communications between the remote control and the OneTouch Ping insulin pump, potentially forcing it to deliver unauthorized insulin injections.
The system is vulnerable because those communications are not encrypted, or scrambled, to prevent hackers from gaining access to the device, said Radcliffe, who reported vulnerabilities in the pump to J&J in April.
J&J executives said they worked on the security issues with Radcliffe.
Dosing a patient with too much insulin could cause hypoglycemia, or low blood sugar, which in extreme cases can be life threatening, said Brian Levy, chief medical officer with J&J’s diabetes unit.
Company technicians were able to replicate Radcliffe’s findings, confirming that a hacker could order the pump to dose insulin from a distance of up to 25 feet, Levy said. He said such attacks are difficult to pull off because they require specialized technical expertise and sophisticated equipment.
“We believe the OneTouch Ping system is safe and reliable.  We urge patients to stay on the product,” Levy said.
J&J’s letter said that if patients were concerned, they could take several steps to thwart potential attacks. They include discontinuing use of a wireless remote control and programming the pump to limit the maximum insulin dose.
In August, a prominent short seller and a cyber security research firm went public with allegations of potentially life-threatening cyber vulnerabilities in heart devices from St. Jude Medical Inc.
As its shares tumbled, St. Jude said the allegations were false, and the U.S. Food and Drug Administration began an investigation.
The FDA is preparing to issue formal guidance on how medical device makers should handle reports about cyber vulnerabilities.

An early draft of that guidance, which was released in January for public comments, called for device makers to work with security researchers, identify steps to mitigate risks, and provide patients with information about bugs so they can “make informed decisions” about device use.

The FDA declined to comment on J&J’s handling of the vulnerability in the insulin pump.
J&J said it had reviewed the matter with the FDA before sending the letters.
Radcliffe said he believed that OneTouch Ping users would be safe if they followed the steps outlined in the letters from
J&J.
“They can give peace of mind to the patient or parent of a child using the device,” he said.
J&J Chief Information Security Officer Marene Allison said her team would make sure other J&J products do not have similar bugs.
Radcliffe said he found vulnerabilities in the Animas OneTouch Ping, but not the Animas Vibe line of insulin pumps.
Suzanne Schwartz, an FDA official responsible for reviewing bugs in medical devices, said in a statement that she encourages collaboration between researchers and device manufacturers to identify, remediate and alert the public to vulnerabilities.
“It enables all stakeholders to better address device safety with the interest of patient health in mind,” she said.
The FDA has said it knows of no cases where hackers have exploited cyber vulnerabilities to harm a patient.
The agency last year issued multiple warnings about cyber bugs in infusion pumps from Hospira, which has since been
acquired by Pfizer Inc.(Thomson Reuters)
Link : http://www.cbc.ca/news/health/insulin-pump-hack-1.3790456
fb-share-icon
Tweet 20

Continue Reading

Previous: Zamboanga inmates benefit from BJMP livelihood skills
Next: Struggle to reach worst-hit parts of Haiti as Florida braces for storm’s arrival – BBC News

Related News

PhilHealth1
  • Health

PhilHealth Speeds Up Payments, releases over P592M to NKTI in less than 5 Months

Editor May 29, 2025
Bountiful-harvest
  • Featured
  • Mindanao Post

Aquaponics to conservation: How a young farmer is growing change

Editor May 28, 2025
BARMM-Ministry-of-Health
  • Health
  • Mindanao Post

BARMM health ministry calls for vigilance against MPOX

Editor May 23, 2025

Trending News

Manny Pacquiao Returns to Rewrite History – The Fight That Will Inspire a Nation Pacquiao 1
  • Sports

Manny Pacquiao Returns to Rewrite History – The Fight That Will Inspire a Nation

May 29, 2025
Optum Philippines celebrates first anniversary of Davao Hub and Davaoeño talent MAJ03649 2
  • Business

Optum Philippines celebrates first anniversary of Davao Hub and Davaoeño talent

May 29, 2025
PhilHealth Speeds Up Payments, releases over P592M to NKTI in less than 5 Months PhilHealth1 3
  • Health

PhilHealth Speeds Up Payments, releases over P592M to NKTI in less than 5 Months

May 29, 2025
BARMM brings medical missions to IDP shelters in Marawi Health-mission 4
  • Mindanao Post

BARMM brings medical missions to IDP shelters in Marawi

May 28, 2025
911 in Camiguin town logs over 500 calls since January Service-expansion 5
  • Mindanao Post

911 in Camiguin town logs over 500 calls since January

May 28, 2025
  • Facebook
  • X
  • YouTube
  • Blog
Copyright © 2025. The Mindanao Examiner Regional Newspaper. All Rights Reserved. | MoreNews by AF themes.