Pacemakers are devices used in clinical settings to monitor how implantable devices are working and set therapy parameters. Researchers found 8,000 known vulnerabilities in third-party libraries used by each manufacturer. Some of the devices stored unencrypted patient data on the programmer, including Social Security numbers and medical history. The researchers said all issues were, or will be, reported to the Department of Homeland Security s Industrial Control System CERT. The programmers are one of four components in modern pacemaker deployments along with the pacemaker.
Source: https://threatpost.com/pacemaker-ecosystem-fails-its-cybersecurity-checkup/125942/