MassDevice

The Medical Device Business Journal — Medical Device News & Articles | MassDevice

Home » Outside firm backs up short-seller’s claims against St. Jude Medical

Outside firm backs up short-seller’s claims against St. Jude Medical

By

St. Jude MedicalShort-selling firm Muddy Waters said today that outside cybersecurity experts validated its claim that cardiac rhythm management devices made by St. Jude Medical (NYSE:STJ) are vulnerable to malicious hackers.

Muddy Waters and research firm MedSec Holdings, which both stand to gain financially from a decline in the price of STJ shares, 1st claimed in August that St. Jude’s Merlin@home remote patient monitoring system was vulnerable to hacking. Although St. Jude immediately denied the claims as completely false, its share price initially slid some -5% and is still off about -3% from its August 24 close; STJ shares were trading at $79.30 apiece today in mid-day activity, down -0.1%. Last week, in a release timed to coincide with St. Jude’s 3rd-quarter results announcement, the short seller posted a series of videos purporting to show cybersecurity vulnerabilities in the company’s cardiac rhythm management products.

St. Jude sued Muddy Waters, MedSec and their principals in September, accusing them of making false statements, false advertising, conspiracy and “the related manipulation of the public markets in connection with St. Jude Medical’s implantable cardiac management devices.” In its legal response to the lawsuit today, Muddy Waters included a report from a team led by outside consulting firm Bishop Fox that sought to repeat MedSec’s findings, “using only the technical details provided by MedSec” and St. Jude equipment provided by MedSec.

“My overall opinion regarding the security of the St. Jude Medical implantable cardiac device ecosystem is that the security measures I observed do not meet the security requirements of a system responsible for safeguarding life-sustaining equipment implanted in patients. In particular, the wireless protocol used for communication among St. Jude Medical cardiac devices has serious security vulnerabilities that make it possible to convert Merlin@home devices into weapons capable of disabling therapeutic care and delivering shocks to patients at distances of 10 feet, a range that could be extended using off-the-shelf parts to modify Merlin@home units. I found that Muddy Waters’ and MedSec’s statements regarding security issues in the St. Jude Medical implant ecosystem were, by and large, accurate,” wrote Carl Livitt, the Bishop Fox consultant who led the team.

A spokeswoman for St. Jude told MassDevice.com via email that the company brought the lawsuit “to hold these firms accountable for their false and misleading tactics, to set the record straight about the security of our devices, and to help cardiac patients and their doctors make informed medical decisions about our products that enhance and save lives every day.”

“We continue to feel this lawsuit is the best course of action to make sure those looking to profit by trying to frighten patients and caregivers are held accountable for their actions,” the statement read. “Our lawyers are reviewing the response from Muddy Waters and MedSec and will respond through appropriate legal channels.”

In case you missed it

RSS From Medical Design & Outsourcing

  • Baxter, 3M, Abbott near the top of Newsweek’s most responsible companies list
    Several medtech, healthcare and life sciences companies, including big names like Abbott (NYSE:ABT), 3M (NYSE:MMM) and Baxter (NYSE:BAX), are among the 500 “most responsible,” according to Newsweek. The outlet published its “America’s Most Responsible Companies 2022” list, marking the third installment of the compilation (in partnership with Statista), this time expanded to include 500 of the largest public corporations around. Companies were judged with… […]
  • HHS reports 63-fold increase in telehealth use during pandemic
    A new study from the U.S. Department of Health and Human Services found a 63-fold increase in Medicare telehealth use during the COVID-19 pandemic. The report analyzed Medicare fee-for-service data from 2019 and 2020 and highlighted that people in urban areas were more likely to seek and use telehealth services than rural residents. In addition,… […]
  • Carlyle makes a significant investment in Resonetics
    Carlyle-managed funds have acquired a significant interest in medical device contract manufacturer Resonetics. Today’s announcement did not include the investment size, but the deal values Nashua, New Hampshire–based Resonetics at roughly  $2.25 billion. Carlyle joins existing investor GTCR as a meaningful shareholder in the company. Resonetics focuses on producing highly technical components for medical device… […]
  • Interpreting Pump Performance Curves
    Reading pump performance curves is crucial to proper pump selection. This piece reviews the creation and use of diaphragm pump performance curves to determine flow at given vacuum or pressure conditions. Included is a lesser-known method to interpolate pump performance when flow restrictions exist on both the inlet and outlet sides of the pump. Download… […]
  • BD elaborates on diversity and equity goals
    BD (NYSE:BDX) earlier this week outlined its efforts this year related to global inclusion, diversity and equity. Franklin Lakes, New Jersey-based BD released its 2021 Global Inclusion, Diversity and Equity (ID&E) Report, highlighting the progress it’s made in human health as part of its environmental, social and governance (ESG) strategy, according to a news release.… […]
  • How to protect medical devices from hidden cybersecurity risks
    Your software supply chain could be a cybersecurity risk. Here’s what you can do. Vince Arneja, GrammaTech The healthcare industry has been fighting a war on two fronts during the COVID-19 pandemic against the virus and an outbreak of cyberattacks. The Department of Health and Human Services says the sector reported a 9,851% increase in… […]
  • Integer completes $220M Oscor acquisition
    Integer Holdings (NYSE: ITGR) announced today that it has completed its purchase of Oscor — a deal that expands the capabilities of what was already one of the world’s largest medtech contract manufacturers. Integer said the acquisition would cost $220 million when it first announced its plans in October. Oscor is the creator and marketer… […]
  • Respira Labs seeks FDA clearance for its wearable lung monitor
    Respira Labs recently announced that it has developed a wearable device that continuously assesses lung function without the need for traditional pulmonary function tests. Mountain View, California-based Respira Labs designed its Sylvee wearable initially to assess chronic obstructive pulmonary disease, COVID-19 and asthma patients. It is embedded with speakers and microphones that measure the change… […]
  • Owen Mumford starts work on new production center in U.K.
    Owen Mumford this week announced that it has started building its new production facility in Witney, Oxfordshire in the U.K. Owen Mumford’s new Witney facility will stand as a production site for the company’s recently launched, next-generation auto-injector Aidaptus. The company has decades of experience creating its own drug delivery, blood sampling and rapid diagnostic… […]
  • FDA’s Woodcock reassures about COVID-19 tests, vaccines under Omicron
    Acting FDA Commissioner Dr. Janet Woodcock thinks many COVID-19 tests will continue to work with the new Omicron variant — with information coming soon on vaccine efficacy. In a statement posted yesterday, Woodcock said she thought the agency is well-positioned to work with companies to address the potential impact of viral mutations on COVID-19 tests,… […]
  • Traco Power launches THM 60WI DC-DC converters
    Traco Power today announced it has launched its THM 60WI series of quarter brick DC-DC converters. The Baar, Switzerlad-based company designed the DC-DC converters with ultra-wide input ranges and safety approvals for medical and industrial applications. Traco Power’s THM 60WI series of converters consists of 12 models with 9-75 or 18-75 Vin ranges with single… […]