US authority warns hospitals over use of hackable drug pump

The US Food and Drug Administration is now "strongly encouraging" hospitals not to use a leading brand of drug pump over hacking fears.

Hospira, which made the Symbiq Infusion System pump, had already discontinued the product for business reasons.

The devices were previously revealed to be hackable by an independent researcher.

The manufacturer told the BBC at the time that it was working with the FDA on a more secure system.

The FDA is urging healthcare facilities to switch to alternative infusion systems "as soon as possible".

Although no known instances of hacking have occurred, Hospira said in June that vulnerabilities discovered by security researcher Billy Rios were being investigated by the firm, in co-operation with the Department of Homeland Security (DHS) and the FDA.

Mr Rios recently published a blog post in which he claimed the security flaw had gone unfixed for over a year.

The FDA's statement said that the agency was continuing to investigate the issues but advised hospitals to take action now.

"FDA strongly encourages health care facilities transition to alternative infusion systems, and discontinue use of these pumps," it said.

In a statement, Hospira said it was continuing to work with the DHS and FDA regarding the security issues with their pumps.

In 2007 there were more than 400,000 Hospira pumps in use in hospitals around the world, according to the company's website.

Hospira was acquired by pharmaceutical giant Pfizer in February 2015 in a deal worth $17bn (£11bn).