It’s a “fitbit” of a nightmare for those tracking their fitness. According to a WebsitePlanet report and independent cybersecurity professional, Jeremiah Fowler, 61 million fitness tracker records from Apple and Fitbit were breached.
Researchers found that the data breach stemmed from GetHealth, a New York-based health and wellness company that allows users to unify their wearable device, medical device, and app data. The exposed data belonged to wearable device users around the world and contained names, birthdates, weight, height, gender, and geographical location.
The database was not password-protected, and the information was clearly identifiable in plain text. Fitbit was listed in over 2,700 records, and Apple’s Healthkit was mentioned over 17,000 times.
Fowler said he immediately sent a responsible disclosure notice of his findings and received a reply from GetHealth the next day. The company confirmed that the data had since been secured.
“Fitness trackers by their design are intended to understand and improve our health by providing critical information that could indicate health risks,” the report pointed out.
Read the full story at Health IT Security.