Mobile fitness trackers may be one step away from hacks

Wearable health tracking devices and apps unfortunately feature multiple vulnerabilities hackers can exploit to gain access to your personal information.

Don’t wait until a threat strikes.

Security threats and malware lurk on Windows PCs, Macs, and Android and iOS devices. If you use more than one device – like most of us do – you need an all-in-one security suite. Meet Norton Security Premium.

Enjoy peace of mind on every device you use with Norton Security Premium.

Learn More

It used to be that your health was information shared between you and your doctor only, but mobile technology is changing that. The boom of fitness and health tracking devices, such as wristbands, heart monitors, and other “wearables” and their accompanying apps, allows many of us to keep better track of our health and physical fitness goals, and even share them with peers. However, the fact that these devices are tracking very personal health data and transmitting information via Bluetooth LE or wireless Internet leaves the information they hold vulnerable to cyber criminal activity.

The Market For Discreet Data

Why would someone else want your personal health information? While attacks on these devices are not yet widespread, our experts believe that hackers could sell personal fitness data to companies, or use it as a blackmail tactic to extort users. Additionally, non-Internet connected fitness devices are traceable and can reveal the whereabouts of the user at any given time.

Most of these devices also connect to mobile apps. The security for these apps is often weak, and implements poor session management, which lets attackers figure out the user space and select personal data the users are tracking, including email addresses and photos. In addition, 20% of apps transmit user login credentials through clear text (not encrypted), which adds greater risk for users to have their accounts compromised. These fitness and health tracking apps also connect to a large number of domains, which could mean they are sharing information with multiple advertising networks and researching analytics firms for marketing, app performance/testing, and user behavior research purposes. Many of these apps lack a privacy policy, which makes it unclear how personal data will be used once it’s tracked.

Tips To Keep Your Identity Safe With Mobile Apps and Wearables

So, how do you keep your tracked data safe from these kinds of vulnerabilities? Check out the following tips to help keep your information private and secure:

1. In order to thwart location stalkers when you’re using a wearable device, make sure that you do not include any personally identifiable information, such as your own name. Think of an alias that motivates you. “HalfTigerHalfUnicorn” is a lot more fun than “Sue Smith” anyway, right?

2. Mitigate the risk of your password being compromised by choosing a complex password unique for this service. Check out our Password Generator if you’re stuck. Always check the privacy policy of the apps you download to make sure you know how your data is being used. Information is key!

3. While using a mobile phone or tablet, be sure to download Norton Mobile Security to secure your device against mobile threats, and detect apps that share your data with third parties.