Johnson & Johnson recently warned its patients in a letter that the OneTouch Ping Insulin Pump System has a cybersecurity issue involving the possibility of a third party gaining unauthorized access to the pump.
Though the pump system is not connected to the internet or an external network, it may be hacked through its unencrypted radio frequency communication. Patients concerned about unauthorized access may turn off the pump’s radio frequency feature. Disabling this feature, however, will cease communications between the pump and meter, and blood glucose readings will then need to be manually entered on the pump.
J&J’s notification comes one year after the Food and Drug Administration warned health care facilities of similar security vulnerabilities associated with Hospira’s Symbiq Infusion System (that device has been discontinued due to unrelated issues), and urged facilities to use alternative systems.
Reuters received a copy of the letter mailed to patients, which can be viewed here.