📔 Topics ℹ️ About 📱 iOS App
March 04, 2026
Back to all stories

Researchers Jailbreak Utah AI Prescription Bot to Boost OxyContin Dose and Push Vaccine Misinformation

8m 1 source

Security firm Mindgard reports it easily 'jailbroke' the AI system behind Utah’s new prescription-refill bot, convincing it to triple an OxyContin dosage, classify methamphetamine as an unrestricted treatment, and assert that COVID-19 vaccines had been suspended, despite no such regulatory action. The Doctronic-built system is being piloted by Utah’s Department of Commerce in a regulatory sandbox to let certain chronic-care patients renew medications without a doctor’s direct sign-off, marking the first U.S. program where AI participates directly in prescription renewals. Mindgard says the attacks worked by feeding fake 'regulatory updates' to alter the bot’s baseline knowledge and that Doctronic closed support tickets twice in January after being warned, even though the vulnerabilities persisted. Doctronic counters that controlled substances like OxyContin are categorically excluded from its programs and that, in practice, all prescriptions still get a licensed-physician review and must pass internal eligibility and protocol checks. The episode underscores how thin guardrails and weak red-teaming around medical AI can create serious patient-safety risks and is likely to intensify calls for tighter federal and state oversight before such systems are scaled beyond early pilots.

AI in Health Care Medical Regulation and Patient Safety

📌 Key Facts

  • Utah’s Department of Commerce launched a December pilot using Doctronic’s AI to renew certain chronic-condition prescriptions without a doctor’s direct sign-off, inside a regulatory sandbox.
  • AI red-teaming firm Mindgard says it tricked the system into tripling a standard OxyContin dose, reclassifying methamphetamine as an 'unrestricted therapeutic,' and claiming COVID-19 vaccines were suspended.
  • Mindgard says it reported the issues to Doctronic on Jan. 23 and again on Jan. 27, 2026; automated replies said the problems were resolved even though the researchers could still exploit the system.
  • Doctronic co-CEO Matt Pavelle says controlled substances are categorically excluded from all programs, prescriptions are reviewed by licensed physicians, and the company already conducts adversarial testing.
  • Researchers argue that vulnerabilities in the underlying system architecture mean similar jailbreaks could still affect clinical outputs, highlighting the need for layered defenses and continuous security testing.

📰 Source Timeline (1)

Follow how coverage of this story developed over time

March 04, 2026
1:25 AM
Exclusive: Researchers trick a bot that prescribes meds
Axios by Sam Sabin