Connect with us

Hi, what are you looking for?

Life

Fitness tracking record data leak: Time to stop jogging on

Fitbit and Apple’s HealthKit have been linked to exposed personal data.

US 'to buy 500 mn doses for world' as curbs ease in Europe
French fitness enthusiasts have been relieved to see gyms reopen under Wednesday's relaxation of coronavirus curbs - Copyright AFP ISHARA S. KODIKARA
French fitness enthusiasts have been relieved to see gyms reopen under Wednesday's relaxation of coronavirus curbs - Copyright AFP ISHARA S. KODIKARA

A recent Fitness Tracking Record Leak exposed 60 million customer records including GPS logs. The impacted organization was New York-based company GetHealth, as identified by WebsitePlanet, together with cybersecurity researcher Jeremiah Fowler.

The majority of data sources were found to have originated from popular brands like Fitbit and Apple’s HealthKit.

Fowler sent a disclosure notice to the company of the security findings. GetHealth responded and the system was secured rapidly. However, the issue brings to the fore the need for robust cybersecurity protection when it comes to sensitive data.

Looking into the incident for Digital Journal ,Pravin Rasiah, VP of Product, CloudSphere, warns about the vulnerabilities presented by many types of health and fitness devices.

 Rasiah begins by assessing the extent of personal data captured by wearable devices: “Companies collecting and storing sensitive customer information must be hypervigilant in protecting all of the data they collect.”

With the specific case, ZDNet finds that over 61 million records were contained in the data repository, including vast quantities of user information, including names, dates of birth, weight, height, gender, and GPS logs, among other datasets. 

This means consumer beware: “Leaving a database exposed without a password or authentication to prevent unauthorized entry is a surefire way to endanger customer information and potentially damage a brand’s reputation.”

Brands need to do more, says Rasiah. He explains: “It is crucial that enterprises have the ability to identify security flaws in a timely manner so that sensitive data such as names, birthdates and GPS logs stay out of the hands of malicious actors.”

Furthermore: “A missing password is often the result of lack of awareness into the constantly changing cloud environment. Without this visibility, it is far too easy for even basic security measures to lapse or be misconfigured.”

In terms of taking proactive steps to address these issues is important. Rasiah recommends: “Companies should invest in automation for cloud governance that enforces security guardrails via policies that can prevent or remediate issues in real-time.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Social Media

French President Macron has posted  artificial intelligence-generated fake videos that he features in as he promoted a technology summit.

Business

"We're going to find billions, hundreds of billions of dollars of fraud and abuse..

Entertainment

Actor and filmmaker Tyler Gallant chatted about his future projects, the digital age, and his career in the entertainment business.

Entertainment

On Sunday, February 9th, Grammy-nominated singer and actor Brent Comer (of the Tony award-winning Broadway musical "The Outsiders") headlined 54 Below in New York...