FDA MedWatch: Certain Medical Devices - Safety Communication

https://www.fda.gov/medical-devices/safety-communications/sweyntooth-cybersecurity-vulnerabilities-may-affect-certain-medical-devices-fda-safety-communication?utm_campaign=FDA%20MedWatch%3A%20Certain%20Medical%20Devices%20-%20Safety%20Communication&utm_medium=email&utm_source=Eloqua

A MedWatch Safety Alert was added to the FDA Medical Devices webpage.  TOPIC: Certain Medical Devices: Safety Communication - Due to SweynTooth Cybersecurity Vulnerabilities AUDIENCE: Patient, Health Professional, Risk Manager ISSUE: FDA is informing patients, health care providers, and manufacturers about the SweynTooth family of cybersecurity vulnerabilities, which may introduce risks for certain medical devices. Security researchers have identified 12 vulnerabilities, named “SweynTooth,” associated with a wireless communication technology known as Bluetooth Low Energy (BLE). BLE allows two devices to “pair” and exchange information to perform their intended functions while preserving battery life. The FDA is currently aware of several system-on-a-chip (SoC) manufacturers that are affected by these vulnerabilities: Texas Instruments NXP Cypress Dialog Semiconductors Microchip STMicroelectronics Telink Semiconductor The FDA is not aware of any confirmed adverse events related to these vulnerabilities. Software to exploit these vulnerabilities in certain situations is already publicly available. RECOMMENDATIONS:

Patients Talk to your health care provider to determine if your medical device may be affected or whether you should take any actions. Device manufacturers will be sharing more information as it becomes available. Seek medical help right away if you think your medical device is not working as expected. Health Care Providers Work with device manufacturers to determine which medical devices in your facilities or in use by your patients could be affected by these vulnerabilities and develop risk mitigation plans. Advise patients who use affected medical devices with steps they can take to reduce risk. Remind patients who use medical devices to seek medical help right away if they think operation or function of their medical device changed unexpectedly. Where possible, monitor medical devices for any signs of unusual behavior.

Health professionals and patients are encouraged to report adverse events or side effects related to the use of these products to the FDA's MedWatch Safety Information and Adverse Event Reporting Program: Complete and submit the report online. Download form or call 1-800-332-1088 to request a reporting form, then complete and return to the address on the form, or submit by fax to 1-800-FDA-0178.

Read Alert