Saturday, June 27, 2020

FDA Confirms Robotron Health Hack

Today the Federal Drug Administration confirmed reports that a death from insulin overdose earlier this week in New York City was the result of the hack of the Robotron IPumpe worn by the patient. FDA spokesperson Clark Stanley told reporters that the unnamed patient had been using the insulin pump for over a year with no problems and that the pump log showed an unauthorized change in pump rate just before the patient went into an insulin shock. The patient was declared dead upon arrival at Emanuel Unity Hospital.

 

“We are working with ECS-CERT and the Federal Bureau of Inquiry in our investigation of this incident,” Stanley told reporters.

 

“The attacker was able to gain access to the pump programing via the Ripple20 vulnerabilities reported earlier this month,” Immanuel C. Securitage, spokesman for the ECS-CERT told reporters; “The access to the device was via the Bluetooth service that is designed for use by physicians to program the device.”

 

Last week Robotron published a security advisory for the Ripple20 vulnerabilities in their Healthcare product line. The IPumpe had been identified as an affected product, but that “there is no risk to the patient because the device is not connected to the Interent.” Robotron has not replied to requests for comment.

 

Johnathan Quest, the FBI spokesperson confirmed that: “The Bureau has identified a person of interest in this case and is continuing its investigation.”

 

CAUTIONARY NOTE: This is a future news story –


No comments:

Post a Comment