Recall – Implantable device programmer cybersecurity vulnerabilities

Company: Medtronic Inc., Cardiac Rhythm and Heart Failure (CRHF)
Date of Enforcement Report: 3/25/2020
Class II

PRODUCT

Medtronic CareLink 2090 Programmer. Used to interrogate and program Medtronic and Vitatron implantable devices, such as pacemaker/ICD/CRT.

  • Recall Number: Z-1524-2020

REASON

Medtronic Conexus Telemetry has been determined to contain two primary cyber vulnerabilities: improper access control and the cleartext transmission of sensitive information.

RECALLING FIRM/MANUFACTURER

Medtronic Inc., Cardiac Rhythm and Heart Failure (CRHF) on 1/30/2020. Voluntary:  Firm Initiated recall is ongoing.

VOLUME OF PRODUCT IN COMMERCE

23,180 devices

DISTRIBUTION

US Nationwide and International

Cybersecurity Review

Our cybersecurity experts are NESSUS Pro Licensed and can quickly remediate cybersecurity deficiencies with your medical device or digital health software.  Planning, requirements, validation, and submissions – we can assist with all.

Interested in having a conversation?  Email us to arrange a Zoom meeting or call us at +1 781-721-2921.

office@softwarecpr.com

Corporate Office

15148 Springview St
Tampa, FL 33624
USA
+1-781-721-2921
Partners located in the US (CA, FL, MA, MN), Canada, and Italy.