The federal government says health care facilities should stop using Hospira's Symbiq medication infusion pump because of its vulnerability to hacking.

The Food and Drug Administration said Friday it's the first time it has warned caregivers to stop using a product because of a cybersecurity risk. It comes at a time of rising concerns about breaches of products that connect to the Internet. A week ago, automaker Fiat Chrysler recalled 1.4 million vehicles because of a flaw that made them vulnerable to hackers.

The FDA says the computerized pumps could be accessed remotely through a hospital's network, but it doesn't know of any cases where that has happened. In recent months cybersecurity experts and the Department of Homeland Security have warned that the device could be hacked and remotely controlled, possibly allowing an intruder to change the amount of medication a patient received.

Read More Car hacking: Should you be worried?



Hospira Inc. stopped making Symbiq pumps in 2013 and said it expected most of them would be replaced within two to three years. The Lake Forest, Illinois, company declined to say how many of the products are still in use. The FDA says some third parties still sell Symbiq pumps.

Earlier this year the FDA and the Homeland Security Department's Industrial Control Systems-Cyber Emergency Response Team issued warnings about potential vulnerabilities of Hospira's LifeCare PCA 3 and PCA5 pumps. The company says newer products have additional protection against potential breaches.