Having health and wellness apps on your smart phone can make it easier for you by logging workouts and meals, but, warn the IT experts, this very technology which is contributing to your fitness goals being achieved, could also be sabotaging you. WPTV looked into the issue this week.
WPTV tech expert and InfoStream Inc President and CEO Alan Crowetz. says that the bad guys out there can take the most minute data and mine it for information which can be used against you.
The apps will ask all the usual details such as your height, weight and ultimate goal. Some apps will ask for more or fuller detail such as medical history and even mental health.
“Imagine seeing your information on a billboard on the highway, mightn’t that cause you to panic? You really need to think what information you are being asked to provide, because you are in fact giving it out to strangers” said Alan.
The data these apps ask would normally be protected under the HIPPA laws in the medical field, but this is where it gets tricky. “These apps are software companies not medical practices and as such are not being audited and checked under HIPPA laws.
A search was run by Alan’s IT company, using one of the writer’s email addresses and one of the apps used, MyFitnessPal, which is owned by Under Armour, was hacked in 2018. In the course of that hack, 144 million email addresses, usernames, IP addresses and passwords were exposed. That information was found on a dark web marketplace, listed for sale.
You would think, the worst that can happen is they have my health details, big deal. But Alan says you should keep in mind that by running the app, the bad guys also know when you are outside you house and when you are alone.
Experts are recommending applying the same priority to your online security as you do to your fitness goals. MyFitnessPal did notify all of its users and obliged them to change their passwords after the 2018 breach.
If you see any of your apps have been compromised, you can run a quick search using the email address linked to your accounts by going to https://www.haveibeenpwned.com/