BD discloses cybersecurity vulnerability in cervical cytology processing machine

The company is advising users to address the threat by restricting access to the instrument while it works on a software patch.

By Nick Paul Taylor • Oct. 6, 2022

Cyber risks identified in Canon Medical product used to view medical images, security firm says

Vulnerabilities in Canon Medical’s Vitrea View product could provide access to patient information and other services, according to cybersecurity firm Trustwave Spiderlab.

By Ricky Zipp • Updated Sept. 30, 2022

Explore the Trendline➔

Top 5 stories from MedTech Dive

From the top medtech trends to watch in 2026 to haphazard layoffs at the Food and Drug Administration and the evolving use of AI in the medtech sector, here is a collection of top stories from MedTech Dive.

By MedTech Dive staff

FDA makes case for ‘new regulatory paradigm’ amid hurdles in software-oversight program

The agency seeks to tailor requirements based on the latest science, the benefits and risks posed by devices, their real-world performance and their contribution to promoting health equity.

By Nick Paul Taylor • Sept. 27, 2022

Medtronic issues urgent notice about MiniMed insulin pump system vulnerability

Unauthorized users could hack into the device while it’s being set up, and cause the pump to deliver too much or too little insulin, potentially resulting in outcomes including death.

By Nick Paul Taylor • Sept. 21, 2022

FBI warns of cyber risks from legacy medical devices

Outdated device software can put data, patient safety and hospitals’ operations at risk, the top U.S. law enforcement agency warned.

By Ricky Zipp • Sept. 15, 2022

Cybersecurity firm finds vulnerabilities in Baxter’s Sigma infusion pumps

The weaknesses could allow attackers to access Wi-Fi data and make the device unavailable.

By Nick Paul Taylor • Updated Sept. 8, 2022

‘Underfunded’ FDA falls short in ensuring medical devices protect against cyberattacks, experts say

Medical device manufacturers argue the agency’s current rules on cybersecurity requirements are too restrictive and should be phased in gradually.

By Elise Reuter • Aug. 11, 2022

Friday Q&A: FDA’s former medical device cybersecurity director says more investment needed in staffing

The FDA and medtech companies will need more cybersecurity staff to stay ahead of hackers, says Kevin Fu, who is now focused on building that workforce for the government, private sector and academia.

By Elise Reuter • Aug. 5, 2022

Lack of payment pathway clarity hinders digital therapeutics, analysts say

The report warns of a sector beset by payment issues, “snake oil” and “middling adoption.”

By Nick Paul Taylor • July 15, 2022

DHS warns cybersecurity vulnerabilities in Illumina software could affect test results

Three of the flaws outlined by the Department of Homeland Security received the highest risk score. Vulnerabilities could allow attackers to remotely alter the results generated by Illumina products.

By Nick Paul Taylor • June 6, 2022

BD's Pyxis medication dispenser gets fifth DHS cybersecurity alert in 5 years

The company said there are no known public exploits that specifically target a password vulnerability and that it's working to address the problem.

By Nick Paul Taylor • June 1, 2022

Employees cause more cyber breaches in healthcare than other industries, report finds

Employees were responsible for 39% of healthcare breaches last year. That's compared to 18% across all industries, according to new Verizon research.

By Rebecca Pifer Parduhn • May 27, 2022

House user-fees bill details clinical trial diversity, cybersecurity requirements

The legislation would let the FDA bring in $1.78 billion in fee revenue from 2023 to 2027 to fund the review of medical devices. That amount could increase to $1.9 billion if the agency meets certain performance goals.

By Elise Reuter • May 10, 2022

CDRH's Shuren expects center to return to normal this year despite ongoing COVID work

Jeff Shuren, the director of the FDA's Center for Devices and Radiological Health, also stressed the need for increased cybersecurity and supply chain funding and authority during an event on April 29.

By Ricky Zipp • May 2, 2022

Medtech survey finds widespread cybersecurity noncompliance despite rising investment

Over 80% of respondents see device security as a competitive advantage and almost every company budgeted more money for it this year. However, 80% view the issue as a "necessary evil" imposed by regulators.

By Nick Paul Taylor • April 21, 2022

FDA official: Draft cybersecurity guidance has 'teeth'

Not following the guidance in premarket submissions means potential delays for device makers, said Suzanne Schwartz, director of CDRH's Office of Strategic Partnerships and Technology Innovation.

By Greg Slabodkin • April 11, 2022

Going beyond HIPAA compliance is worthwhile

Just because HIPAA doesn't require the use of data governance technology doesn't mean you can do without it.

April 11, 2022

FDA clarifies cybersecurity recommendations for device makers in new guidance

The draft guidance, which replaces a 2018 document, sets recommendations for how medical device companies should approach cybersecurity in premarket submissions and maintaining products throughout their lifecycle.

By Elise Reuter • April 7, 2022

Senators drill down on rising user fees, cybersecurity and clinical trial diversity in MDUFA hearing

While Tuesday's Senate hearing did not include FDA officials, lawmakers questioned industry groups as they consider the MDUFA V agreement that would increase the amount the agency can collect in fees from device makers.

By Elise Reuter • April 6, 2022

CISA warns about cyber flaw in Philips MRI monitoring software

Philips' e-Alert has a vulnerability that could allow an unauthorized user to remotely shut down the system, the U.S. Cybersecurity and Infrastructure Security Agency said in an advisory.

By Greg Slabodkin • March 30, 2022

FDA asks Congress for 14% bump in device budget for supply chain, cybersecurity programs

For the devices program, the FDA is asking for roughly $698 million, with approximately $466 million from the budget authority and $232 million from user fees.

By Nick Paul Taylor • March 29, 2022

'On high alert': Hospitals wary of cyber threats from Russia-Ukraine war

Cybersecurity has always been chronically underfunded in hospitals, even before COVID-19 swallowed up more resources. Now, this major international threat is creating a "perfect storm," one cybersecurity expert said.

By Rebecca Pifer Parduhn • March 21, 2022

FDA warns of cyber vulnerabilities in medical device software components

An agency alert warned that flaws in PTC's Axeda agent and desktop server, used in devices from several manufacturers, could allow an unauthorized attacker to take full control of the host operating system.

By Greg Slabodkin • March 9, 2022

75% of infusion pumps have cyber flaws, putting them at risk from hackers: study

An analysis of more than 200,000 infusion pumps, using crowd-sourced data supplied by healthcare organizations, found about half were susceptible to "critical" and "high" severity cybersecurity vulnerabilities.   

By Greg Slabodkin • March 3, 2022

Medtech, hospitals on alert for cyberattacks after Russia's invasion of Ukraine

While cybersecurity threats to healthcare and medical devices have grown during the pandemic, the Russia-Ukraine conflict has raised the threat level, putting patient safety at risk.

By Greg Slabodkin • Feb. 28, 2022