DHS Warning: Hackers can push overdose to insulin pumps

The Department of Homeland Security is issuing a rare medical cybersecurity advisory for insulin pumps.

Specifically, some insulin pumps and devices have a known loophole that a hacker could exploit to cause harm to a person with diabetes and a patient receiving insulin through a popular series of pumps.

The specific warning is that Medtronic insulin pumps are vulnerable to attack.  The risk is that if someone exploits the vulnerability in a Medtronic insulin pump, a hacker could deliver too much or too little insulin by taking control of the insulin pumps.

Medtronic is aware of the potentially dangerous loophole and self-reported the vulnerability to the federal cybersecurity agency, CISA.  Instead of a traditional hack that uses an Internet connection, an attacker would need only have near proximity to an affected device to gain control using the security flaw.

These Medtronic devices are targeted in the warning

  • MiniMed 600 Series Insulin Pumps several models
  • Guardian Link 3 Transmitter
  • Guardian 2 Link Transmitter
  • Carelink USB
  • Contour Next Link 2.4

Credit: Medtronic

What happens when a person is deliberately overdosed with insulin

An unknowing victim could experience any of the following symptoms:

  • Cold sweats
  • Trembling hands
  • Intense anxiety
  • Extreme hunger
  • Fatigue
  • Sense of confusion
  • Lose consciousness or pass out

Hypoglycemia occurs when too much insulin is put in the body.  However, it is serious and could lead to seizures or cause a person to pass out.

When to call 911 for emergency paramedics

Therefore, if you feel like you have overdosed on insulin and your blood sugar level stays low after 2 hours or if your symptoms don’t improve, get medical help.  Alert those around you that if you lose consciousness or cannot respond to instructions, they should call 911 immediately.

What to do about this insulin pump hack risk

  1. Turn off the “Remote Bolus” feature on the pump
  2. Only connect or link to devices in a private place
  3. Be attentive to pump notifications, alarms, and alerts that are unusual

Moreover, if you believe your insulin pump has been hacked, or you suspect pump settings have inexplicably changed, call Medtronic 24-hour support 1-800-646-4633.   If you have one of the affected products, Medtronic has created this customer landing support page with additional details.

If you know someone who has diabetes, consider sharing this to keep them safe.

Related posts

Is your Social Security number at risk? Signs someone might be stealing it

Updated Android malware can hijack calls you make to your bank

Robot dog is making waves with its underwater skills