FDA Confirms Cyber Vulnerability in Certain St. Jude Implantable Devices, But Notes New Software Patch

The U.S. Food and Drug Administration has confirmed cybersecurity vulnerabilities in St. Jude Medical’s Merlin@home transmitter and radio frequency-enabled implantable cardiac devices, and has issued a Safety Alert containing recommendations for reducing the risk of cyber intrusions. Moreover, the FDA notes that St. Jude has developed and validated a software patch that addresses the identified vulnerabilities.  The patch became available this week, and will be applied automatically to the Merlin@home transmitter. [1/11/17]