Federal regulators warned this week that select cardiac devices made by St. Jude Medical could be susceptible to cyberattacks.
The Food and Drug Administration reported that the Minnesota-based medical device maker's Merlin@home radio-frequency enabled devices could be accessed and modified by hackers — including improperly pacing or shocking patient heartbeats or depleting the device's battery.
The devices, including pacemakers, defibrillators and resynchronization devices, are implanted under the skin with wires connecting to the heart. A home monitor then wirelessly transmits and receives radio frequency signals to and from the device to regulate hearts that beat too slowly or quickly or treat patients in heart failure.
Data is also sent through an internet connection to the patient's physicians through the company's Merlin.net Patient Care Network.