https://goo.gl/CxzwDR
The report on pacemakers looked at a range of implantable devices from four manufacturers as well as the "ecosystem" of other equipment used to monitor and manage them.
Researcher Billy Rios and Dr Jonathan Butts from security company Whitescope said their study showed the "serious challenges" pacemaker manufacturers faced in trying to keep devices patched and free from bugs that attackers could exploit.
They found that few of the manufacturers encrypted or otherwise protected data on a device or when it was being transferred to monitoring systems.
Also, none was protected with the most basic login name and password systems or checked that devices they were connecting to were authentic.
Often, wrote Mr Rios, the small size and low computing power of internal devices made it hard to apply security standards that helped keep other devices safe.