The U.S. Food and Drug Administration issued a Class I early alert on October 9, 2025 for Abiomed’s Automated Impella Controller, warning that cybersecurity vulnerabilities in the device’s operating system could allow hackers to seize control of life-sustaining heart pumps and potentially cause serious injury or death. The recall affects all U.S. models and serial numbers of the critical heart support device, marking the third controller-related safety action since June 2025—a period that has seen four deaths and multiple serious injuries linked to various Impella controller malfunctions.
The FDA designated this as its most serious type of recall, indicating that continued network use without correction “may cause serious injury or death”. While the devices are not being physically removed from hospitals, Abiomed notified customers on October 1 that all controllers must be disconnected from hospital networks immediately to prevent potential cyberattacks.
Cybersecurity Flaws Could Enable Device Takeover
Abiomed discovered cybersecurity vulnerabilities in the Automated Impella Controller’s operating system that pose “unacceptable residual risk” related to both network and physical access, according to the FDA alert. If exploited, these security flaws could disrupt the controller’s essential performance, potentially causing loss of device control or unexpected pump stoppage—events that could result in life-threatening loss of hemodynamic support for critically ill cardiac patients.
The Automated Impella Controller serves as the primary user control interface for Impella heart pump catheters, which provide temporary circulatory support by reducing the work of the heart’s left ventricle. Healthcare professionals use these controllers to manage pump operation and monitor alarm conditions in patients with severely weakened hearts who require mechanical circulatory assistance.
Abiomed has reported no cyberattacks, patient harm, or adverse events specifically related to these cybersecurity vulnerabilities as of the alert date. However, cybersecurity experts note that the absence of detected attacks does not mean vulnerabilities have gone unexploited, as sophisticated intrusions can remain undetected for extended periods.
The devices are also used internationally, including in India where they received regulatory approval in 2018 and are employed at major hospital networks for high-risk cardiac interventions. However, it remains unclear whether international regulators have issued parallel warnings about the cybersecurity vulnerabilities affecting U.S. devices.
U.S. Hospitals Ordered to Disconnect Devices From Networks
Abiomed sent urgent safety letters to all affected customers on October 1, 2025, directing them to take immediate protective measures. Facilities must keep all Automated Impella Controllers in secure, restricted-access environments whether currently in clinical use or stored in inventory.
The company instructed hospitals to disable network connectivity on all controllers until cybersecurity updates can be implemented. Abiomed field representatives are contacting each facility to arrange systematic disconnection from hospital networks, though healthcare providers who wish to act immediately can contact the company directly or reach out to local clinical field staff for instructions.
If healthcare providers suspect a cybersecurity event has occurred, they must report it immediately through Johnson & Johnson’s product security portal. Abiomed stated it is “working on security updates and measures to address these cybersecurity vulnerabilities” and will provide additional information when mitigations are available to resume network connectivity.
Third Controller Recall in Four Months Raises Safety Concerns
The October 2025 cybersecurity alert represents the third significant safety action involving Automated Impella Controllers since June 2025, collectively linked to four deaths and multiple serious injuries.
In June 2025, the FDA issued an early alert after Abiomed controllers failed to recognize Impella pumps when connected, resulting in three patient deaths as of June 13. The controllers’ inability to detect attached pumps meant patients could lose critical circulatory support without warning, and Abiomed recommended that customers maintain backup controllers or be prepared to restart consoles if the issue persisted.
In August 2025, Johnson & Johnson’s Abiomed unit initiated a voluntary recall of 69 Automated Impella Controllers after identifying a capacitor malfunction linked to one death. The affected controllers contained pump driver circuit assemblies with 25 V-rated tantalum capacitors instead of the specified 35 V-rated capacitors—a manufacturing defect that could lead to decreased pump performance or complete pump stoppage. These failures triggered “Impella Failure” or “Impella Stopped. Controller Failure” alarms, with potential for loss of circulatory support or death.
In September 2025, Abiomed initiated another recall for purge retainer fixation issues that could cause purge pressure problems, cracks, or failures in the controllers. The company determined that force applied during purge disc insertion and removal contributed to purge retainer failures that could lead to pump stoppage and resultant loss of hemodynamic support. As of August 27, 2025, Abiomed reported five serious injuries and no deaths associated with this issue.
For the capacitor defect behind the August recall, Johnson & Johnson reported that the failure occurred at a rate of just 0.006%, based on a review of complaints from January 2011 through June 2025 that identified 27 complaints out of 393,776 uses. Despite this extremely low rate, the defect proved fatal in at least one case. The FDA classified this as a Class I recall—the agency’s most serious designation—with Abiomed instructing customers to immediately remove 69 affected controllers from service globally and return them to the company.
Pattern of Safety Issues Threatens Patient Confidence
The series of recalls has raised serious questions about the reliability of Impella controllers and Johnson & Johnson’s oversight of the Abiomed acquisition. MedTech Dive reported in August 2025 that “Abiomed’s Impella pump woes persist” as the company grappled with multiple controller recalls within three months.
Industry analysts note that while individual failure rates may be statistically low, the consequences for cardiac patients dependent on mechanical circulatory support are catastrophic. A single controller malfunction can result in immediate loss of hemodynamic support, leading to cardiac arrest, organ failure, and death within minutes if backup systems are not immediately available.
The cybersecurity vulnerabilities add an entirely new dimension of risk beyond mechanical failures. Medical device security experts have long warned that networked hospital equipment presents attractive targets for ransomware attacks, nation-state actors, and other malicious entities seeking to disrupt healthcare operations or extort money from vulnerable institutions.
Legal challenges are emerging as patients and families affected by Impella controller failures seek accountability. The pattern of repeated safety issues—four deaths across multiple controller defects in just four months—has attracted attention from product liability attorneys investigating potential claims against Johnson & Johnson and Abiomed.
Johnson & Johnson acquired Abiomed for $16.6 billion in 2022. Since the acquisition, Abiomed has recalled multiple products and received an FDA warning letter in September 2023 due to issues with Impella devices. The current cascade of controller failures and cybersecurity vulnerabilities represents the most serious safety crisis the company has faced since the merger.
The FDA’s October 2025 cybersecurity alert affects all U.S. models and serial numbers of the Automated Impella Controller, including multiple product codes spanning standard controllers, optical controllers, and systems with Impella Connect capability. Healthcare facilities using these devices face difficult decisions about continuing to rely on Impella systems for critically ill cardiac patients who have limited treatment alternatives while the cybersecurity vulnerabilities remain unaddressed.