Millions of Patient records exposed by health apps

health apps Blogs | IEMLabs

Researchers discovered that millions of patient records have been revealed by 30 popular mobile health (mHealth) applications. With people increasingly relying on mHealth apps during the COVID-19 pandemic, researchers observed that such apps are now generating more user activities compared to other mobile apps. Research suggests that the majority of these health applications are highly vulnerable to API attacks that unauthorized parties could leverage to access protected health information (PHI) and personally identifiable information (PII).

Analysis shows that these popular health apps have been downloaded by 772,000 people with an estimated user base of roughly 23 million approximately. According to researchers, the number of affected users, however, is likely much higher, considering the fact that there are over 300,000 mHealth apps available at the moment on major app stores.

To ensure the protection of customer records and sensitive information of patients, security experts  have provided recommendations for mobile app developers to adopt a series of steps such as ensuring the security of both the app and APIs, secure the development process and harden apps, implement certificate pinning to protect against MitM attacks, monitor implemented controls, perform penetration testing etc.

By Hrithik Lall

IEMLabs is an ISO 27001:2013 and ISO 9001:2015 certified company, we are also a proud member of EC Council, NASSCOM, Data Security Council of India (DSCI), Indian Chamber of Commerce (ICC), U.S. Chamber of Commerce, and Confederation of Indian Industry (CII). The company was established in 2016 with a vision in mind to provide Cyber Security to the digital world and make them Hack Proof. The question is why are we suddenly talking about Cyber Security and all this stuff? With the development of technology, more and more companies are shifting their business to Digital World which is resulting in the increase in Cyber Crimes.

Leave a comment

Your email address will not be published.

This site is under maintenance,
some features might not work!!!