US warns of unusual cybersecurity flaw in heart devices

The Homeland Security Department is warning the public about an unusual cybersecurity flaw for one manufacturer's implantable heart devices that could allow hackers to remotely take control of a person's defibrillator or pacemaker.

The U.S. says security patches will be rolled out automatically over several months to patients with affected St. Jude Medical device transmitters at home, as long as they are plugged into the network. The transmitters send device data back to medical professionals.

Abbott Laboratories' St. Jude says it's not aware of any deaths or injuries related to the vulnerability, nor is it aware of any specific device or system that's been targeted.

The Food and Drug Administration and the Homeland Security Department have been investigating the devices' security vulnerabilities after cybersecurity researchers publicly identified them in August.