A recent study by the virtual private network provider, NordVPN, has revealed that 31.9% of Brits use some kind of fitness or well-being device, such as a smartwatch, fitness tracker, etc. However, these devices may be tracking a lot more than your fitness activities – and 23.7% of UK users do nothing to protect them, which may pose a serious privacy risk.
Among the data collected by fitness wearables and the mobile apps connected to them, there are basic activities such as steps, heart rate, the time you go to sleep or wake up, as well as your consumed calories, weight or running routes, which are all of great interest to stalkers or attackers.
“Health information is definitely among the most private and sensitive data in our lives. However, we allow our wearable fitness trackers to capture and store this information in mobile apps without properly knowing about its security vulnerabilities,” comments Daniel Markuson, a digital privacy expert at NordVPN.
Like many gadgets, wellbeing devices and their apps also have security holes that might allow hackers to gain access to your information. Even without taking control of your device, someone can gain access to the Bluetooth signal sent back to your smartphone to guess your passcode. Whenever a hacker has your pin, it’s simple to gain access to all your health information.
According to Have I Been Pwned?, in 2018, the diet and exercise service MyFitnessPal suffered a data breach which exposed 144 million unique email addresses alongside usernames, IP addresses and passwords. The next year, this data appeared on the dark web and was listed for sale. The same year, another health and fitness service provider – 8fit -suffered a data breach of 15 million unique email addresses, which later on were also sold on the dark web.
“Many people connect their fitness devices to an outside app to track, share and analyse their activities. However, that’s the moment when people are easily giving away their sensitive information. NordVPN’s study shows that nearly a third of Brits shared their fitness achievements on social media or on the app’s online forum,” adds Markuson.
Since most fitness trackers lack the necessary security systems, Daniel Markuson shares some advice to make your fitness experience less stressful and more secure: Read the user agreement. Make sure that the company values your privacy and takes reasonable steps to protect it; Make your identity online hidden. If your fitness apps ever get hacked, you can limit the potentially exposed personal information by using a VPN; Limit the data that is being collected. More often than not, apps and devices collect data that is not necessary for them to operate; Regularly delete data stored in the app/device. Many fitness trackers allow you to review and delete the data they store about you.