Skip to content Skip to sidebar Skip to footer
Home / HeadlineNews / Trending

Illumina Cybersecurity Vulnerability May Present Risks for Patient Results and Customer Networks: Letter to Health Care Providers | FDA



Illumina Cybersecurity Vulnerability May Present Risks for Patient Results and Customer Networks: Letter to Health Care Providers




June 2, 2022


The U.S. Food and Drug Administration (FDA) is informing laboratory personnel and health care providers throughout a cybersecurity vulnerability affecting software in the Illumina NextSeq 550Dx, the MiSeqDx, the NextSeq 500, NextSeq 550, MiSeq, iSeq, and MiniSeq, next generation sequencing instruments. These instruments are medical devices that may be specified either for clinical diagnostic use in sequencing a person’s DNA or testing for various genetic languages, or for research use only (RUO). Some of these instruments have a dual boot mode that scholarships a user to operate them in either clinical diagnostic mode or RUO mode. Devices planned for RUO are typically in a development stage and must be labeled “For Research Use Only. Not for use in diagnostic procedures.” – view many laboratories may be using them with tests for clinical diagnostic use.


The cybersecurity vulnerability affects the Local Run Manager (LRM) software. An unauthorized user could exploit the vulnerability by:



  • taking control of the instrument remotely;

  • operating the controls to alter settings, configurations, software, or data on the instrument or a customer’s network; or

  • impacting patient test results in the instruments invented for clinical diagnosis, including causing the instruments to did no results or incorrect results, altered results, or a potential data breach.


Illumina has developed a software patch to defending against the exploitation of this vulnerability and is succeeding to provide a permanent software fix for current and future instruments. The FDA wants laboratory personnel and health care providers to be aware of the obliged actions to mitigate these cybersecurity risks.


Recommendations



  • Review the Urgent Defense Notification or Product Quality Notification (for RUO Customers) sent by Illumina on May 3, 2022 to produces customers. If you did not receive a notification from Illumina, but believe you should have, please contact techsupport@illumina.com.

  • Immediately download and install the software patch (Dx mode and RUO mode) on every produces instrument, including in each stand-alone instance of the off-instrument LRM for RUO mode on the Dx instruments, while connected to the internet.

  • Contact techsupport@illumina.com for commands about other ways to install the software patch, if you are not connected to the internet.

  • Immediately contact techsupport@illumina.com if you suspect your instrument may have been compromised by an unauthorized user.


For more examine about Illumina’s cybersecurity vulnerability, see the Cybersecurity and Infrastructure Defense Agency (CISA) published advisory, ICSA-22-153-02.


Background


On May 3, 2022, Illumina sent notifications to produces customers instructing them to check their instruments and medical devices for signs of potential exploitation of the vulnerability.


Illumina has developed a software patch to defending against the exploitation of this vulnerability and is actively succeeding to provide a permanent software fix for current and future instruments.


At this time, the FDA and Illumina have not received any reports indicating this vulnerability has been exploited.


FDA Actions


The FDA is succeeding with Illumina and coordinating with the CISA to identify, communicate, and prevent adverse events related to this cybersecurity vulnerability. The FDA will continue to keep health care providers and laboratory personnel warned if new or additional information becomes available.


Reporting Problems to the FDA


The FDA encourages users to represent any adverse events or suspected adverse events experienced with Illumina’s next generation sequencing instruments.


Contact Information


If you have questions near this letter, contact the Division of Industry and Consumer Education (DICE).




Thanks for visiting our article Illumina Cybersecurity Vulnerability May Present Risks for Patient Results and Customer Networks: Letter to Health Care Providers | FDA. Please share it with pleasure.

Source: www.fda.gov