Skip to Content
Security & privacy

8,000 hackable bugs found in pacemakers

Do you or someone that you know have a pacemaker? It’s estimated that nearly 3 million people rely on these tiny devices to keep their hearts beating.

With so many lives on the line, it’s disturbing to find out that most pacemakers are vulnerable to hackers.

Why pacemakers are vulnerable to hackers

In January 2017, the Food and Drug Administration (FDA) announced vulnerabilities in certain pacemakers and transmitters. It turns out matters are worse than first thought.

What’s happening now is, security company WhiteScope found over 8,000 bugs that hackers are able to exploit in pacemaker programmers. These are the tools that monitor the patients’ heart rate.

What’s even more frightening is pacemakers do not authenticate these programmers. Which means anyone who gets their hands on one of these gadgets could potentially harm patients with an implanted pacemaker.

Distribution of pacemaker programmers is supposed to be handled by their manufacturers. However, if you do a search on eBay, you’ll see a number of listings of pacemaker programmers for sale. Yikes!

What’s more, researchers have found that monitoring systems used by doctors do not require usernames or passwords when a patients’ pacemaker connects to them. Some patients’ personal information including names, phone numbers, medical conditions and Social Security numbers are unencrypted in many of these tools. Leaving the data wide open for hackers to steal.

An assistant professor at Johns Hopkins said that doctors are not willing to let security systems block patient care. In other words, if there is an emergency situation with a patient who has a pacemaker, the medical staff should not be forced to log in with credentials.

Image: Example of a pacemaker home ecosystem (Source: WhiteScope)

Having your personal data stolen by hackers is a terrible situation. But having someone maliciously affect your health is worse.

At this point, the only advice we can give to patients with pacemakers is to write to the manufacturer and ask them to strengthen the security of their products. Keep checking with our Happening Now section for updates.

More stories you can’t miss:

Do hackers really have millions of usernames and passwords! Should I be worried?

How to spot disguised malicious files before they infect your computer

Hundreds of apps spying on users with ultrasonic tracking technology

Ask me your digital question!

Navigating the digital world can be intimidating and sometimes downright daunting. Let me help! Reach out today to ask your digital question. You might even be on my show!

Ask Me