Medtronic issues alert for vulnerable defibrillators, home devices

The Department of Homeland Security is aware of the issue.
Publish date:

The Department of Homeland Security and Minnesota-based Medtronic have issued an alert notifying the public that more than 20 Medtronic products are vulnerable to being hacked. 

The alert says hackers with short-range access to the devices can interfere, generate, modify or intercept a radio frequency from Medtronic's Conexus telemetry system, which, in layman's terms, can impact a product's functionality and/or allow hackers to access sensitive data. 

Vulnerable products include the MyCareLink Monitor, CareLink Monitor, CareLink 2090 Programmer, and all of the Medtronic implanted cardiac devices listed below. 

  • MyCareLink Monitor, Versions 24950 and 24952
  • CareLink Monitor, Version 2490C
  • CareLink 2090 Programmer
  • Amplia CRT-D (all models)
  • Claria CRT-D (all models)
  • Compia CRT-D (all models)
  • Concerto CRT-D (all models)
  • Concerto II CRT-D (all models)
  • Consulta CRT-D (all models)
  • Evera ICD (all models)
  • Maximo II CRT-D and ICD (all models)
  • Mirro ICD (all models)
  • Nayamed ND ICD (all models)
  • Primo ICD (all models)
  • Protecta ICD and CRT-D (all models)
  • Secura ICD (all models)
  • Virtuoso ICD (all models)
  • Virtuoso II ICD (all models)
  • Visia AF ICD (all models)
  • Viva CRT-D (all models)

According to the Star Tribune, the issue affects up to 750,000 Medtronic products, but not the Fridley-based company's pacemakers. 

Medtronic is encouraging anyone with the aforementioned products to maintain physical control of home monitors and programmers; only use products obtained directly from a healthcare provider or Medtronic; avoid connecting devices with USB ports or other physical connections; only connect programmers with implanted devices at a hospital or clinic; only use home monitors in a private or controlled environment; and report any concerning issues to a healthcare provider or Medtronic. 

Patients are encouraged to keep monitors and programmers plugged in so they receive important security and software updates. 

Follow Bring Me The News on LinkedIn

Next Up


Medical alert issued for Medtronic's Entrust defibrillators

British regulators warn the device has a battery defect that can fail to properly shock a heart back into a normal rhythm. Patients are encouraged to see their cardiologists to ensure an audible "low-battery" alert is working properly. Fridley-based Medtronic denied any wrong doing, but settled lawsuits regarding battery issues in its Marquis line of defibrillators less than four years ago.