FDA recalls Minimed 508 and Paradigm Pumps due to "cybersecurity concerns"

Hello friends, I’ve been away for a bit! I saw this little piece of news and thought it may be of interest to some folks here.

Personally, I feel as though this move might be aimed at reducing the number of people using DIY closed-loop systems in addition to addressing the “cybersecurity risk”. The concern over someone having the ability to maliciously hack into an insulin pump is a valid one. Just seems a bit odd to me that they have likely known about this potential security flaw for several years now and they’ve suddenly decided to recall them

2 Likes

Similar discussion here, with full list of models

2 Likes

Thank you! I was thinking it a bit odd that nobody here had posted about it yet but I guess maybe many people here are also active at TuD.

Here’s the Medtronic statement, someone shared there, with the model numbers:
https://www.medtronicdiabetes.com/customer-support/product-and-service-updates/notice11-letter

Interestingly my last Medtronic pump (the 530G) appears to be on neither the vulnerable list nor the not vulnerable list, although I’m quite aware that it cannot be used with Loop so I suspect it’s not vulnerable :stuck_out_tongue:

1 Like

There’s a sensible analysis of the situation at Heathline.

Personally, I was interpreting the sudden announcement as Medtronic’s second step to try to reestablish control over the loopers; the first being their provision of funding and influential personnel to the Tidepool LOOP project. After all, there are strong profit-driven reasons to keep the design of the user interface, feature set, and algorithms in the hands of a few corporations. Kind of like IBM’s “customer control” philosophy back in the computer mainframe era, before personal computing enabled widespread competition to drive down the cost of hardware and software.

5 Likes

I believe you’ve cracked the code.

Why ever would a company want to allow its outdated (or even current) equipment models to be used without their oversight and ability to turn a profit?

This is interesting. Thanks for sharing!

Thanks for posting the Heathline article, which is indeed a rare if not unique sensible article about the Medtronic/FDA safety notice related to the years-old-turned-urgent issue. The article still misses to explicitly mention what I think is the main and likely the only reason for the notice, which is to mitigate exposure to legal liability around the use of their pumps in DIY systems. The number of people using the old pumps in DIY systems has grown to thousands. Suppose one of these people has a serious incident. Was this due to user error, pump or infusion set malfunction, DIY system algorithm bug or malfunction, erroneous CGM reading, or something else? Probably very difficult if not impossible to tell with any certainty. With the safety notice, Medtronic is preemptively saying that they have nothing to do with their pumps used in DIY systems - they warned us not to use these pump.

Of course they are making other complementary profit-driven market-dominance motivated moves, including the partnership with Tidepool.

4 Likes