News | EP Lab | September 07, 2016

St. Jude Brings Legal Action Against Market Research Firm for Report Bashing its EP Device Cybersecurity

St. Jude Medical turned to the courts to to dispute Muddy Waters and MedSec market report that claims they were financially motivated to make false claims

EP device cyber security, SJM, St. Jude Medical

September 7, 2016 — St. Jude Medical Inc. (SJM) has filed a lawsuit against Muddy Waters Consulting LLC, Muddy Waters Capital LLC, MedSec Holdings Ltd., MedSec LLC and three individual defendants who are principals in these firms, for false statements, false advertising, conspiracy and the related manipulation of the public markets. This is in regards to a market report these firms released in August that claimed SJM’s implantable electrophysiology (EP) cardiac rhythm management devices were not secure against cyber attack and present a danger to patient safety. With this court action, SJM said it seeks to hold these firms and individuals accountable for what the company calls false and misleading tactics. The company also said it wants to set the record straight about the security of its devices and to help cardiac patients and their doctors make informed medical decisions.

The investment research firm Muddy Waters Capital released a report Aug. 25 saying it believed SJM would lose up to half of its revenue due to what it calls issues with its EP devices, including pacemakers, implantable cardioverter defibrillators (IDCs) and cardiac resynchonization therapy (CRT) devices. The firm claimed these devices pose a public health risk and might be recalled or need remediation because of their vulnerability to cyber attack. SJM responded Aug. 29, calling the report false and misleading. 

Read the article “Market Report Calls Into Question St. Jude Medical EP Device Safety, Cybersecurity.”

(Updated information -- In April 2017, the FDA issued a warning letter to Abbott / St. Jude Medical related to the company’s mismanagement of the recall of the EP devices mentioned in this article. The FDA also said SJM failed to properly address the cybersecurity issues oulined in the Muddy Waters report, which were later confirmed by the FDA as issues with these devices. Read the article “FDA Harshly Criticizes Abbott, St. Jude For Failure to Address EP Device Safety.”)

"We felt this lawsuit was the best course of action to make sure those looking to profit by trying to frighten patients and caregivers and by circumventing appropriate and established channels for raising cybersecurity concerns, do not use this avenue to do so again,” said Michael T. Rousseau, president and chief executive officer at St. Jude Medical. He said SJM has processes in place to encourage anyone with information about the security of our technology to share it with the company so it can be resolved. ”We believe this lawsuit is critical to the entire medical device ecosystem — from our patients who have our life saving devices, to the physicians and caregivers who care for them, to the responsible security researchers who help improve security, to the long-term St. Jude Medical investors who incurred losses due to false accusations as part of a wrongful profit-making scheme."

The lawsuit filed Sept. 7 alleges that Muddy Waters, MedSec and the other defendants intentionally disseminated false and misleading information in order to lower the value of SJM stock and to wrongfully profit from a drop in share value through a short-selling scheme. The company’s complaint claims the defendants’ served their own financial self-interest by attempting to mislead doctors and patients and demonstrates a total disregard for the patients whose lives depend on their cardiac management devices. The complaint also cites a third-party assessment of the Muddy Waters Report by University of Michigan researchers who found that “the evidence does not support their conclusions… [the University of Michigan researchers] were able to generate the reported conditions without there being a security issue.” In addition, an electrophysiologist and cardiologist from the University of Michigan also stated that “given the significant benefits from home monitoring, patients should continue to use their prescribed cardiac devices” at this time.

“We recognize that the cybersecurity landscape is dynamic, which is why we partner with researchers, agencies, consultants and others to continually strengthen our security measures currently in place,” said Phil Ebeling, SJM vice president and chief technology officer. “We also have processes in place to encourage anyone with information about the security of our technology to share it with us so that we can enhance our technology for the benefit of patients.”

SJM said its devices and systems have multiple features to reduce the risk of cyber security attacks and works with the U.S. Food and Drug Administration, the Department of Homeland Security and independent researchers to continually strengthen its security systems.

"Our top priority is to reassure patients, caregivers and physicians who use our life-saving devices that we are committed to the security of our products and to ensure patients and their doctors maintain ongoing access to the proven clinical benefits of remote monitoring," said Mark Carlson, SJM ice president and chief medical officer. "We decided to take this action because of the irresponsible manner in which these groups have acted."

The lawsuit was filed in the United States District Court for the District of Minnesota. This case follows St. Jude Medical's recent statements that refuted claims by Muddy Waters and MedSec regarding the safety and security of our pacemakers and defibrillators.

For more information: sjm.com 

Related Content

Image from the announcement of the Neal award winner of best technical content for DAIC's coverage of COVID-10 related to cardiology at the Neal virtual award ceremony June 9.

Image from the announcement of the Neal award winner of best technical content for DAIC's coverage of COVID-10 related to cardiology at the Neal virtual award ceremony June 9.

Feature | Cardiovascular Business | June 10, 2021
Avoiding high-risk PCI procedures does not improve hospital scores according to a study presented at SCAI 2021. CTO procedure at Henry Ford Hospital, Detroit. Photo by Dave Fornell.

Avoiding high-risk PCI procedures does not improve hospital scores according to a study presented at SCAI 2021. CTO procedure at Henry Ford Hospital, Detroit. Photo by Dave Fornell.

News | Cardiovascular Business | May 05, 2021
May 5, 2021 — A late-breaking study presented at the...
Cardinal Health Sells its Cordis Cardiology Business to Hellman & Friedman. Hopes to build the Cordis Accelerator for innovative cardiovascular device development.
News | Cardiovascular Business | March 12, 2021
March 12, 2021 — Cardinal Health today announced that it is selling its...
An interventional radiologist consults with a patient in an out patient cath lab at a Modern Vascular clinic. The company is building several out patient clinics to capture a share of the interventional market for peripheral artery disease (PAD) catheter-based therapies. 

An interventional radiologist consults with a patient in an out patient cath lab at a Modern Vascular clinic. The company is building several out patient clinics to capture a share of the interventional market for peripheral artery disease (PAD) catheter-based therapies. 

News | Cardiovascular Business | February 03, 2021
February 3, 2021 — Modern Vascular is a medical group that has 13 outpatient cath lab clinics to treat...
COVID-19 cardiology related content continues to be among the top performers on the DAIC website in November 2020. TAVR also topped headlines with Boston Scientific taking its Lotus valve off the market and a review of TAVR registry data showing it is now the dominant method of aortic valve replacement in the United States. #DAIC

COVID-19 cardiology related content continues to be among the top performers on the DAIC website in November 2020. TAVR also topped headlines with Boston Scientific taking its Lotus valve off the market and a review of TAVR registry data showing it is now the dominant method of aortic valve replacement in the United States.

Feature | Cardiovascular Business | December 01, 2020 | Dave Fornell, Editor
December 1, 2020 — Here is the list of the most popular content on the Diagnostic and Interventional Cardiology (DAIC
Survey data showing opinions of physicians and hospital administrators on barriers to implementing new technology and how new technologies have improved cardiovascular care.

Survey data showing opinions of physicians and hospital administrators on barriers to implementing new technology and how new technologies have improved cardiovascular care.

News | Cardiovascular Business | September 14, 2020
September 14, 2020 — New global research released by Abbott takes a deep dive into the barriers of cardiovascular pat
Philips angiography system in a cath lab at Henry Ford Hospital.
Feature | Cardiovascular Business | July 13, 2020 | Deb Thompson and Christian Comeau
For a cardiovascular service line leader, addressing challenges in an evolving healthcare climate is a constant.
Leeds Hospital recently installed Philips Azurion angiography interventional labs to enhance procedural guidance capabilities.

Leeds Hospital recently installed Philips Azurion angiography interventional labs to enhance procedural guidance capabilities.

News | Cardiovascular Business | July 08, 2020
July 8, 2020 – Philips Healthcare and Leeds Teaching Hospitals NHS Trust announced a seven-year managed service agree