DOH Warns Health Care Organizations of Medtronic Cardiac Device System Vulnerability
On July 7th, the Department of Health (DOH) issued an Integrated Health Alerting and Notification System (IHANS) alert informing health care organizations of an advisory from medical product manufacturer Medtronic regarding the company’s Paceart Optima software, which runs on an organization’s Windows server. According to Medtronic, a vulnerability exists within the messaging service (which allows health care organizations to send fax, email, and pager messages) in the Paceart Optima system. A bad actor could use it to perform cyberattacks by sending specially crafted messages to the Paceart Optima system. These attacks could allow an attacker to delete, steal, or modify data from, or possibly shut down, a cardiac device. DOH is urging all facilities and providers who utilize this software to immediately review the Medtronic advisory and take steps to ensure the safety of their patients and the integrity of their data.