Javascript is not enabled.

Javascript must be enabled to use this site. Please enable Javascript in your browser and try again.

Skip to content
Content starts here
CLOSE ×
Search
Brought to you by
Leaving AARP.org Website

You are now leaving AARP.org and going to a website that is not operated by AARP. A different privacy policy and terms of service will apply.

FDA Announces Fix for Pacemaker Security Flaws

More than 450k implanted devices could be hacked

pacemaker hack
The FDA announced that nearly half a million pacemakers are vulnerable to hacking, but a software update administered at a doctor's office can resolve the issue.
Abbott

Almost half a million Americans with implantable pacemakers are at risk of having the devices hacked and should visit their health care providers for an urgent firmware update, the Food and Drug Administration recently announced.

Late last week, the FDA released a statement notifying patients about the available update. This follows the announcement earlier this year that 465,000 pacemakers manufactured by Abbott Laboratories contain security flaws that could allow hackers to access the implanted devices, which help control abnormal heart rhythms in patients. Abbott was formerly known as St. Jude Medical.

member card

AARP Membership — $12 for your first year when you sign up for Automatic Renewal

Get instant access to members-only products and hundreds of discounts, a free second membership, and a subscription to AARP the Magazine.

Join Now

"This access could be used to modify programming commands to the implanted pacemaker, which could result in patient harm from rapid battery depletion or administration of inappropriate pacing," according to the FDA statement.

In other words, until the patient’s device receives the update, a hacker conceivably could take control of the pacemaker or shut it off entirely. The FDA pointed out that despite the vulnerability, there have been no known incidents of anyone exploiting the flaw.

The availability of the software update is good news for those affected, as it means they won’t have to have new devices implanted. Abbott, which issued a voluntary recall of the affected devices, says the update would take only about three minutes in a doctor’s office, and that the device would run on backup as the installation takes place.

The announcement about the hackable pacemakers sounds like a plot point out of a sci-fi or murder mystery film — in fact, such an occurrence was written into the second season of Showtime’s terrorism drama Homeland as an assassination method. But experts say it’s now reality , and the pacemaker situation is a stark warning about the consequences of connected medical devices.

Josh Corman, director of the Cyber Statecraft Initiative at the Atlantic Council, said he hopes this serves as a wake-up call to the medical industry as it implements new technology. He called it a key moment in the evolution of connected medical devices.

"I'm hoping that what device makers and physicians get out of this is we shouldn't just assume that connecting medical technology makes this better," Corman told CNN.

membership-card-w-shadow-192x134

AARP Membership — $12 for your first year when you sign up for Automatic Renewal

Get instant access to members-only products and hundreds of discounts, a free second membership, and a subscription to AARP the Magazine.