More than 1 million people may have had personal data compromised during a recent hacking of Zoll Medical’s systems. That’s according to a notice that Zoll filed with Maine’s attorney general, one of a number filed with federal and state agencies since the data breach in late January. Operated out of Massachusetts, Zoll is an […]
Cybersecurity
BD issues vulnerability warning for Alaris infusion monitoring software
BD (NYSE:BDX) today issued a voluntary notification regarding cybersecurity vulnerabilities with its Alaris Infusion Central software. Alaris Infusion Central, a standalone software — separate from pumps — provides data from the Alaris pumps. It allows healthcare providers to monitor infusion data sent from Alaris Plus and Alaris neXus pumps on a computer. Alaris Infusion Central […]
Glooko picks up security certification for diabetes patient management platform
Glooko announced today that it received ISO 27001 certification for its data management and remote patient monitoring platforms. Palo Alto, California-based Glooko develops remote patient monitoring and chronic care management products. These include data management technologies for insulin delivery devices. ISO 27001, an international compliance framework, serves as the international security standard for protecting customer […]
How BD is getting more proactive about medtech cybersecurity
Medtech giant BD today detailed how it has taken proactive steps to ensure medtech cybersecurity in an increasingly critical environment. “Medical device cybersecurity has become more critical than ever as the number of smart, connected devices grows and healthcare expands into more care settings, including patient homes,” said Rob Suárez, the company’s chief information security […]
BD warns on cybersecurity risk with BodyGuard infusion pumps
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) today issued an advisory regarding infusion pumps from BD (NYSE:BD). CISA’s advisory concerns the BD BodyGuard infusion pumps. They may contain a vulnerability in the form of a missing protection mechanism for an alternate hardware interface. Get the full story at our sister site, Drug Delivery Business News.
BD secures ISO certification for its information security management system
BD announced today that it has secured ISO certification for its enterprise-level Information Security Management System. The Franklin Lakes, New Jersey–based company said the ISMS meets a rigorous set of independently audited international standards. BD says the ISO/IEC 27001:2022 certification demonstrates its commitment to protecting the company, customers and patients from cybersecurity threats. The International […]
CISA warns on cybersecurity vulnerabilities for certain Baxter infusion pumps
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) today issued a warning on some Baxter (NYSE:BAX) infusion pumps. Sigma and Baxter Spectrum infusion pumps are included in a CISA notice over remotely exploitable vulnerabilities. Those vulnerabilities include: missing description of sensitive data, use of externally controlled format string and missing authentication for critical functions. The […]
BD, government warn on cybersecurity issues with BD’s Pyxis, Synapsys systems
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) today released advisories on two products from BD (NYSE:BDX). Vulnerabilities with the BD Pyxis automated medication dispensing system and the BD Synapsys microbiology informatics software were voluntarily reported by Franklin Lakes, New Jersey–based BD through the CISA coordinated vulnerability disclosure program. The BD Pyxis’ vulnerability is labeled […]
Stryker leaders talk medtech trends at DeviceTalks Boston: ‘If you’re slow, you’re going to lose’
The first day of DeviceTalks Boston closed with a panel of Stryker (NYSE:SYK) executives discussing new tools, technologies and strategies in medtech. Digital VP Tracy Robertson, Digital, Robotics, and Enabling Technologies President Robert Cohen and Surgical Technologies VP of Digital Innovation Siddarth Satish offered their thoughts on industry trends in healthcare and at the Kalamazoo, […]
Government warns on cybersecurity issues with Philips’ e-Alert MRI monitoring system
The U.S. Cyber Security & Infrastructure Security Agency (CISA) today issued a notice regarding the e-Alert system from Royal Philips (NYSE:PHG). CISA called attention to the e-Alert MRI system monitoring platform (version 2.7 and prior) and a potential vulnerability related to “missing authentication for critical function.” According to the CISA notice, successful exploitation of the […]
Government warns on cybersecurity issue with Fresenius Kabi’s Agilia Connect infusion system
The U.S. Cyber Security & Infrastructure Security Agency today issued a medical advisory for the Fresenius Kabi Agilia Connect infusion system. Fresenius Kabi’s Agilia Connect infusion system has been deemed “exploitable remotely/low attack complexity” by the agency. Successful exploitation of vulnerabilities could allow an attacker to gain access to sensitive information, modify settings or parameters or perform […]