According to its September 7, 2016, press release, St. Jude Medical filed a lawsuit against MedSec and Muddy Waters Consulting, MedSec Holdings, Muddy Waters Capital, and three principals in those firms. The suit was filed in the U.S. District Court in Minnesota. St. Jude Medical’s, SJM, allegations include “false statements, false advertising, conspiracy and the related manipulation of the public markets in connection with SJMs implantable cardiac management devices.”
The lawsuit alleges that the defendants used misleading and false information in an effort to lower SJMs stock value and to profit from that scheme by short-selling SJMs stock. Muddy Waters Research published a notice on August 25th that it felt that the company should recall its pacemakers, ICDs and CRTs because they were vulnerable to cyber attacks that could cause them to malfunction and place patient lives in danger. On August 30th, the University of Michigan stated that the Muddy Waters Research report was flawed and that its researchers could not find conclusive evidence that supported its conclusions. It also stated that MedSec and Muddy Waters made a deal so that MedSec could share in the profits gained from short selling SJM stock.
SJM notes that taking action against it for monetary gain resulted in frightening both patients that use SJMs cardiac products and their caregivers. It is hoping that, by filing a lawsuit, other corporations that want to raise security concerns about its products will do so through channels established for that purpose.
SJM is a global manufacturer of medical devices that is headquartered in St. Paul, Minnesota. Its focus is on cardiac devices, including pacemakers and defibrillation devices.
The landscape of cyber attacks is continually changing as more and more sophisticated ways of hacking devices are found. SJM partners with others, including researchers and consultants, to ensure that they stay on top of technology and continually works to strengthen its security to prevent any cyber security issues that may arise. The company also encourages anyone that has any information or concerns about its devices security to contact them so that they can deal with the issue and enhance its technology to prevent attacks from occurring.
It is unclear how severe the monetary loss in its stock prices will affect SJM investors, or the loss of business that has resulted from a loss of faith in the company by physicians and patients. Those outcomes remain to be seen.
If, in fact, Muddy Waters is in the wrong, I am glad that SJM took action. If corporations that are attacked would fight back through the court system, others might hesitate before taking underhanded actions for their own gain.