Last Updated on 22/11/2021 by Khushi
Security researchers came across a flaw recently that left a huge pile of fitness record data exposed and the reason behind it was a “non- password database”.
The database is owned by a company based out of New York, named GetHealth. As per its regulation needs, all it did is just store information gained from fitness wearables and applications.
The data exposed is huge,
A total of worth 17GB of data has been left exposed, in the form of plain text, easy to access since it requires no password.
The apps that have been affected due to the concerned data expose are as follows:
GoogleFit
MapMyFitness
Fitbit
Microsoft
Apple Health Kit
Sony Lifelog
Android Sensor
S Health
Strava
Data collected by these applications, which is at stake, are that of heart rate, fitness level, weight, profile details, also involve trackers that detect the location while the person is out for a walk or run.
Other details consist of GetHealthID, First and Last names of the users, Gender, Timezone, Date of birth and the fitness device which is in use.
Authorities have taken action for securing the database from further damage however the need not mean the hackers have been deprived of the previously exposed data. If all that while when the data was outside the security zone, the ones who are capable of taking advantage of the mishap might have got hold of the leaked data and in that case, would still have it with them.
It is yet unknown if the data has been acquired by some other hacker and if it is now on the darkweb.
