Detailed threat description:
Becton Dickinson (BD) identified unauthorized access to product service credentials used by its technical support teams.
While the unauthorized access has been terminated and additional security measures have been implemented, BD has notified customers of a potential risk until the credentials are fully updated.
This situation could potentially lead to data manipulation, system downtime, or delays in medication delivery; however, no incidents have been reported to date.
Impacts on healthcare organizations:
Customers using affected Dispensing and Lab products should know that this issue may impact product functionality and patient care.
Affected Products / Versions:
The following BD products have been identified as potentially impacted:
BD Pyxis™ MedStation™ ES
BD Pyxis™ MedStation™ ES Tower
BD Pyxis™ Anesthesia Station ES
BD Pyxis™ Enterprise Server
BD EpiCenter™ Microbiology Data Management System
BD Synapsys™ Informatics Solution
BD BACTEC™ Blood Culture System
BD Phoenix™ M50 Automated Microbiology System
BD MAX™ System
BD COR™ System
Reporting Adverse Events
Report any adverse health consequences experienced with the use of these products to BD. Events may also be reported to the FDA’s MedWatch Adverse Event Reporting program via:
- Web: FDA MedWatch Website
- Phone: 1-800-FDA-1088 (1-800-332-1088)
- Mail: MedWatch, HF-2, FDA 5600 Fisher’s Lane, Rockville, MD 20852-9787
Fortified recommends applying patches and updates where possible and only after adequate testing in a development environment to ensure stability and compliance with organizational change management policies.
References:
- Vendor release notice
