On June 2, the FDA issued a warning that may affect your lab if it uses certain Illumina next-generation sequencing instruments. The letter states that there might be a cybersecurity vulnerability affecting the local run management (LRM) software on the following Illumina instruments; NextSeq 550Dx; MiSeq Dx; NextSeq550; iSeq; and MiniSeq.
Although it hasn’t received any reports of actual incidents, the FDA says there’s a risk that hackers can exploit the vulnerability to:
- Take control of the instrument remotely;
- Alter settings, software, or data on the instrument or customer’s network; or
- Impact patient test results.
Illumina has sent notifications and instructions to affected labs so they can check for hacking; it’s also created a software patch to prevent exploitation of the vulnerability as it works on a permanent fix. The FDA’s recommendations:
- Review the Urgent Safety Notification or Product Quality Notification (for research use only [RUO] customers) Illumina sent to affected customers. If you didn’t receive a notification from Illumina, but think you should have, contact email@example.com;
- Immediately download and install the software patch (Dx mode and RUO mode) on every affected instrument, including in each stand-alone instance of the off-instrument LRM for RUO mode on the Dx instruments, while connected to the internet;
- Contact firstname.lastname@example.org for instructions on other ways to install the software patch, if you’re not connected to the internet; and
- Immediately contact email@example.com if you suspect your instrument may have been compromised by an unauthorized user.