Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.
Another hacking scandal comes from beneath the murky waters of the World Wide Web.
This time, it’s Johnson & Johnson.
The pharmaceutical manufacturers are warning patients of a cyber-attack where a hacker is thought to have access to the medical pumps that could administer more insulin than necessary, causing diabetic patients to overdose.
It goes without saying, this is a potentially serious issue.
The potential security threat was initially discovered by Senior Security Consultant, Jay Radcliffe, who found that the hackers could gain access because communication on the OneTouch Ping system was not encrypted. If the data had been encrypted then it makes it harder for an unauthorised person to access the information. In short, it turns sensitive information into possibly unintelligible data.
Without getting too technical, the OneTouch Ping system allows patients to use a wireless remote control to pump in their required dose of insulin. By not having the protection of an encrypted form of communication, a hacker could trick the remote control and trigger unauthorised insulin injections. The increased injections could potentially harm users, causing them to have a hypoglycemic reaction.
As far as we’re aware, no one has suffered as a result of the problem so far; and hopefully no one will!
The company recently released a statement to combat any potential wild theories saying:
“…the probability of unauthorised access to the OneTouch Ping system is extremely low.”
They continue to say that it’s not a cause for panic, and that it’s safe and reliable to use. But people can minimise the risk of an attack by not using the remote control, and by programming the pump to limit the maximum dosage.
This may not stop thousands of users from panicking though.
Moving forward, the standard encryption with a unique key pair could solve these issues and worries of any future cyber-attack. In the meantime, J&J has sent out letters to doctors and around 114,000 patients to warn them of the cyber-attack and the safety precautions they can take.
This may be the first time that a medical device manufacturer has announced a potential cyber-security problem affecting a product. The announcement may have been made to ensure protection against any potential risk, so it can be seen as possibly commendable that the manufacturer took such pre-emptive actions.
Then again, we can never be too careful when it comes to cyber security and people’s health.
In another similar case, pacemaker manufacturer St Jude Medical was accused of having a security flaw, but they subsequently sued the company that released the rumours, which were later found to be untrue. If companies and organisations are open and transparent with their customers, this may enhance their credibility as a company. J&J’s shares almost stayed the same post-revelation which could be because they kept their customers well-informed.
As technology expands, there is always going to be inevitable and greater security risks. Companies like J&J should keep their customers well-informed of any security vulnerabilities, even if its a small one. When you compare this with Yahoo, who allegedly took up to two years to release the information that 500 million of their customers’ accounts had been hacked, we see two very different stances.
Moral of the story: keep your customers happy by keeping them in the know.
The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.