St. Jude Medical Inc on Wednesday filed a lawsuit against short-selling firm Muddy Waters and cyber security company MedSec Holdings Ltd, saying they intentionally disseminated false information about its heart devices to manipulate its stock.
St. Jude’s shares fell sharply on Aug. 25 after Muddy Waters, run by Carson Block, said it had taken a short position in company’s stock after uncovering security flaws in its devices.
Block said last week his firm’s position was motivated by research from MedSec, which asserted that St. Jude’s heart devices were vulnerable to cyber attacks and were a risk to patients. MedSec has acknowledged that it would share in gains from Muddy Water’s short investment.
Short-sellers borrow shares and sell them in expectation the price will fall. When it does, the short-sellers buy back the shares, return them to the lender, pay borrowing fees and pocket the difference.
St. Jude said it had filed the lawsuit to protect the reputation of its implantable pacemakers and defibrillators, which are used to regulate heart rhythm or treat cardiac arrest. It is seeking damages and for the defendants to give up any profits they made off their investment.
The lawsuit said Muddy Waters had created a short-selling scheme meant to secure a quick and illegal financial windfall. It was not immediately clear how big the short-seller’s position was or how much it may have made when St. Jude’s stock fell.
A Muddy Waters spokesman responded to the lawsuit in an emailed statement that “It is not unusual for a company like this to try to silence its critics and we are always prepared to vigorously defend our right to criticize a company that puts its profits before its patients.”
Muddy Waters alleged last month it and MedSec found security flaws in St. Jude’s Merlin@home device for monitoring implanted heart devices. They said the flaws potentially could enable hackers to easily take control of the devices and either speed them up or drain their power.
In its lawsuit, St. Jude said the accusations were defamatory and that its devices have numerous features that protect against cyberattacks. It accused the short-sellers of false advertising, conspiracy and manipulation of the stock market.
University of Michigan researchers last week said their own experiments had undermined allegations of security flaws in St. Jude’s implantable devices.
St. Jude agreed in April to sell itself to Abbott Laboratories for $25 billion.
MedSec did not immediately respond to requests for comment.
St. Jude’s shares rose 0.8 percent in morning trading on the New York Stock Exchange.
The stock has fallen about 4 percent since Muddy Waters disclosed its position.
The case is St. Jude Medical vs. Muddy Waters, MedSec Holdings et al, in the United States District Court for the District of Minnesota, No. 16-cv-03002.
(Reporting by Ransdell Pierson, Jennifer Ablan and Caroline Humer in New York and Ankur Banerjee in Bengaluru.)