ID theft in a heartbeat

ID theft in a heartbeat

US scientists hack confidential patient details held on wireless heart defibrillator

A wireless heart defibrillator that automatically shocks an erratic heartbeat into a normal rhythm could be used to steal patients' information, American scientists have said.

During tests, researchers at Washington University, Massachusetts University and Amherst and Harvard Medical School found they could hack into the unsecured wireless signal that the device emits.

According to reports from the New York Times, they then used the signal to steal information such as data about a patient’s condition, their birth date, social security number and medical ID number.

These details are stored on the heart monitor to reduce doctors' workloads. The device sends information on a patient to a bedside monitor, which a doctor can access from remote locations.

The scientists also found that they were able to use the wireless signals to shut down the defibrillator or deliver jolts of electricity, which they claim could be “potentially fatal”.

They also warned that more patients could be at risk as wireless connections are used in more medical devices. These include pacemakers, spinal cord stimulators and hearing implants.

Dr William Maisel, one of the study's authors, said: “There will be more implanted devices and more wireless capabilities and transmissions over greater distances."

Despite this, people should not panic as the “risks to patients now are very low,” Dr Maisel said.