Security News > 2021 > October > Medtronic urgently recalls insulin pump controllers over hacking concerns
Medtronic is urgently recalling remote controllers for insulin pumps belonging to the 'MiniMed Paradigm' family of products, due to severe cybersecurity risks.
The controllers that should be returned to the vendor are models MMT-500 and MMT-503, used with Medtronic MiniMed 508 insulin pump and the MiniMed Paradigm family of insulin pumps.
Insulin pumps are used for delivering insulin to diabetic users, while the remote controller aids in the wireless commanding of the device.
The problem with these older remotes is that an unauthorized person could potentially record and replay the wireless communication signal that is generated when the user presses a button on the controller, sending commands directly to the insulin pump.
"You should immediately stop using and disconnect the remote controller, disable the remote feature, and return the remote controller to Medtronic. See the Appendix attached to this letter for detailed instructions" - Medtronic.
Back in June 2019, Medtronic and the FDA warned users of the MiniMed 508 and the Paradigm series insulin pumps about hacking risks, running a national recall program to address them.