A security flaw in a pacemaker made by Medtronic makes it possible for hackers to take control of the device and deliver malware to the computers implanted in someone’s chest.

At the recent Black Hat information security conference, researchers demonstrated how the Carelink 2090 pacemaker, along with the company’s insulin pump, could be hacked. First, they warned anyone with an implanted device to leave the room. Then they disabled an insulin pump. A hacker near a patient could copy the device’s radio frequency signals, and then play them back later to deliver insulin when it isn’t needed, potentially leading to dangerously low blood sugar. They also hacked a system that doctors can use to program a patient’s pacemaker. The hack could be used to shock someone’s heart, or to withhold a shock when it’s needed.

The researchers, Billy Rios of the security firm Whitescope and Jonathan Butts of QED Secure Solutions, have spent nearly two years trying to get Medtronic to address the flaws. Although they demonstrated attacks to the company, they say, it was slow to evaluate the problem and hasn’t fixed the flaws. The researchers decided to go public with their concerns; they also went to the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team and the FDA, which is evaluating the vulnerabilities in an ongoing investigation.

In a statement, the company said that the “likelihood of a breach of a patient’s device is low.”