The cybersecurity expert who hacked his own Medtronic insulin pump almost a year ago has finally met officials from the Fridley-based company, Bloomberg reported.
Jay Radcliffe, a 33-year-old Idaho man who hacked into his own pump at a cybersecurity conference in August 2011, appeared on a panel last week with Michael McNeil, Medtronic's chief privacy and security officer, at the Amphion Forum in Washington, D.C., a computer-security conference.
Medtronic's California-based diabetes business is the largest maker of insulin pumps in the world. Radcliffe and others suspected the security vulnerabilities could extend to other devices, such as pacemakers and implantable heart defibrillators.
After he hacked into his pump in 2011, Radcliffe was repeatedly rebuffed by Medtronic officials. "Blowing me off is not an ethical response," he said as he went public explaining that Medtronic made the pump. Radcliffe demonstrated he was able to disable the pump's lifesaving therapy by remotely turning it off on stage at a Black Hat conference in August 2011.
Medtronic CEO Omar Ishrak said then that the probability of a security breach is small but that Medtronic "takes security very seriously." Security systems on new pumps will improve going forward, he said. He also said there's never been an incidence of pump hacking in the real world -- it has only occurred in controlled settings with skilled individuals.
Adam Belz • 612-673-4405