Cyber-Security Vulnerabilities Identified In Certain Implantable Cardiac Devices

January 11, 2017 07:41 PM

A warning for patients who have a certain type of implantable heart device:  according to the FDA, there's a cyber-security flaw that could allow hackers to take control of a person's defibrillator or pacemaker.

It's important to point out that there have been no reports of patients being harmed due to this cyber-security flaw.


The device is the "Merlin@home Transmitter" made by St. Jude Medical. It's made for patients with irregular heart rhythms that can cause cardiac failure or arrest. The transmitters send heart device data back to medical professionals. According to the FDA, the transmitter can be hacked which could result in battery depletion or inappropriate pacing and shocks.

KSTP Medical Expert Dr. Archelle Georgiou says this is a reminder that no electronic device is foolproof and that consumers have to be vigilant as well.

"The company needs to take every measure to make sure the product is safe, but it's on the consumer and the user too.  Remember the device is in their home and their bodies, so they also have to make sure their home network is safe as well," Georgiou said.

St. Jude Medical is making software repair available.  Security patches will automatically be rolled out to patients with these transmitters at home.  All you have to do to get the fix is be plugged in and connected to the company's network.


Ellen Galles

Copyright 2017 - KSTP-TV, LLC A Hubbard Broadcasting Company


Hodges Returns to Press Conference After Protesters Force Her to Leave the Room

Minneapolis Police Chief Harteau Resigns, Mayor Nominates New Chief

DEVELOPING: St. Paul Police Investigate Fatal Bus vs. Car Crash

Marchers Delay Downtown Transit, Traffic

Police Union President Calls Harteau's Resignation 'Right Move'

BCA Identifies Witness at Scene of Damond Shooting