They didn't even need to do that
Radcliffe apparently contacted Medtronic to inform them of the vulnerability some time ago.
All they needed to do was reply to him with something along the lines of:
"Thanks for bringing this to our attention, we will work on securing this vulnerability in the near future and once we have a reliable fix we will issue it to all users of %Device%. In the meantime we would ask that you keep the details of this vulnerability secret to reduce the risk of it being exploited."
If Radcliffe then went public afterwards, they could publish that reply and make him look like an evil bastard.
As it is, Medtronic look like fools, as the public information seems to imply that all someone would need to hack a specific device would be a cheap piece of hardware and serial number, a piece of information that is printed on the device, very short and *very* predictable.
I really hope that is not true, but I rather suspect it might be.
Should an evil person want to exploit it, they could just wander around repeatedly transmitting "Inject maximum!" to pretty much every serial number ever built. Even with a targeted attack, to some extent it doesn't even matter whether they know the serial number of the 'target' as they could just spam a lot of serial numbers until they get the result they want.
You might think that it's unlikely that someone would go to the trouble, but that's no reason to ignore it.
Medtronic do appear to have now released a statement to Reuters saying that they'll fix the vulnerability in their next generation product, but it's too late - they now look like blind fools.