Health and fitness apps: The hidden risks you might overlook

Health and fitness apps have grown so much over the years, and it seems like every person is regularly using at least one. These apps are designed to help us keep track of various biological metrics. For instance, you can fall asleep faster with the help of sleep trackers that feature different calming sounds, such as BetterSleep.

Those who are not into going to gyms and prefer to work out at home can use apps that feature no-equipment exercise programs, like JustFit. Let’s not forget wearable trackers are often paired with apps and can log your movement throughout the day, as well as your heart rate and activity.

But what happens with all the collected data? And are there any risks you are not aware of? Let’s dive deeper into this subject and learn about health and fitness apps!

The risks of health and fitness apps

Popular fitness apps have been targeted by cybercriminals before, namely in 2018, when the personal information of 150 million MyFitnessPal users was stolen and then offered on the dark web. That same year, PumpUp, a Canada-based company, experienced a data leak that exposed personal data and messages of more than 6 million users.

It’s easy to deduct that the biggest risk of using health and fitness apps is related to user privacy, including:

Unsatisfactory user data security

As you can see from the examples above, even apps with millions of users can experience cybersecurity issues. Hackers see them as a treasure trove of valuable information, and some really are. A data breach can reveal someone’s habits, favourite running routes, location, and more. And those who reuse their login information could be locked out of other accounts unrelated to the fitness and health apps they use.

Sharing data with third parties

Not every health and fitness app will share your data with third parties, but some do. Unfortunately, users rarely read the terms and conditions before creating an account. Selling your information for marketing purposes will result in targeted advertising. Since your app of choice probably knows quite a bit about you, chances are you’ll encounter plenty of ads promoting various health and fitness gadgets or services.

How to protect your information

Although there are risks of using health and fitness apps, it shouldn’t discourage you from using them. Instead, take necessary measures to protect your data and privacy. Different types of health and fitness apps are popular in Cyprus, but these general tips can be applied to most of them:

Strong passwords

Easy-to-guess passwords are frequently the reason behind hacked accounts. Therefore, users should spend some time coming up with a strong password that contains uppercase and lowercase letters, numbers, and symbols. Those worried about remembering such a password can always use a password manager. The best part is that you can access these apps on multiple devices and have all your login data in one place.

Don’t overshare

Many health and fitness apps encourage users to share their data on social media through pre-designed templates. They often feature sensitive data such as someone’s running or walking route. While you might think it’s fun to share that information with your close friends, be careful if your profile is not private. This information can be used to dox you or, even worse – to stalk you.

Hide your IP address

Your IP address can reveal a lot about you, so if you are concerned about your privacy, concealing it might be a good idea. When someone uncovers your IP, they will know the exact location where you browse from. It is often combined with the data collected on frequently visited websites to create a user profile.

If you are now wondering how to hide my IP address, the answer is VPN or Virtual Private Network. Once you connect to a server of your choice, your IP address will change. Additionally, the data you send or receive will automatically be encrypted, which adds another layer of protection.

Use two-factor authentication

Two-factor authentication combined with a strong password is the way to go when it comes to the overall protection of an account. Make sure you enable and set up 2FA where available. It will ensure that you are the only person with access to your account and personal information. As the name suggests, 2FA requires an additional step during the login process. It is often a code sent to your phone or email.