Rapid7 hires Jay Radcliffe, diabetic who hacked his insulin pump

BOSTON (Reuters) - Cybersecurity firm Rapid7 said on Thursday that it has hired Jay Radcliffe, a diabetic researcher who is known for pioneering work in the field of medical security, including work hacking his own insulin pump.

He will work as a researcher and consultant on the recently created professional services team at privately held Boston-based cybersecurity firm Rapid7.

Radcliffe gained prominence in 2011 when he demonstrated a technique at the Def Con hacking conference in Las Vegas for attacking the same Medtronic Inc insulin pump that he uses to deliver insulin to his body.

He hacked into the pump that regularly provides him with carefully measured doses of insulin by remotely accessing a wireless communications system the computerized pump uses to monitor its surroundings for commands.

He said the approach could have been used to deliver lethal doses of insulin to patients.

Medtronic later that year hired security consultants to review the safety of its insulin pumps after a second research team found more vulnerabilities in the devices, which they said were also potentially lethal.

Radcliffe most recently worked as a senior security analyst at InGuardians Inc. Prior to that, he spent more than a decade holding various posts at Internet Security Systems, which IBM bought in 2006.

Radcliffe said in a blog posted on Rapid7’s website that he will continue his research on hacking medical devices, which has become a passion.

“Emerging technologies in the medical world are often ill-equipped for the dangers that the interconnected world faces, and we need spokespeople to draw attention to these dangers,” he said in the blog. “As a diabetic, who depends on these interconnected devices to live, I find myself as an advocate in this arena.”

Reporting by Jim Finkle; Editing by Eric Walsh