- Home
- Advocacy
- Latest News and Practice Data
- FDA Warns Laboratories Over Threats to Laboratory Cybersecurity
Cybersecurity vulnerabilities affecting laboratory equipment software led the Food and Drug Administration (FDA) to alert clinical laboratory personnel about the possibility of unauthorized users gaining access to laboratory equipment on April 27. The FDA has asked laboratories to be aware of required actions to mitigate cybersecurity risks. The CAP works with federal agencies to protect patient safety against various threats, including those in cyberspace.
The specific vulnerability affected the Universal Copy Service software in the Illumina MiSeqDx, NextSeq 550Dx, iScan, iSeq 100, MiniSeq, MiSeq, NextSeq 500, NextSeq 550, NextSeq 1000/2000, and NovaSeq 6000 sequencing instruments, the FDA said. There are no reports of this vulnerability being exploited, but an unauthorized user could:
- take control of laboratory equipment remotely
- alter settings, configurations, software, or data on the instrument or a customer’s network
- impact genomic data results in the instruments intended for clinical diagnosis, including causing the instruments to provide no results, incorrect results, altered results, or a potential data breach
Illumina has developed a software patch to protect against the exploitation of the vulnerability. On April 5, Illumina sent notifications to affected customers to check their instruments and medical devices for potential breaches.
Related, on May 1, the FDA published a tip video on cybersecurity incident preparedness and response. More information from the FDA regarding cybersecurity is available online.