An unsecured database containing over 61 million records related to wearable technology and fitness services was left exposed online.
On Monday, WebsitePlanet, together with cybersecurity researcher Jeremiah Fowler,
said the database belonged to GetHealth.
Based in New York, GetHealth describes itself as a "unified solution to access health and wellness data from hundreds of wearables, medical devices, and apps." The firm's platform is able to pull health-related data from sources including Fitbit, Misfit Wearables, Microsoft Band, Strava, and Google Fit.
On June 30, 2021, the team discovered a database online that was not password protected.
The researchers said that over 61 million records were contained in the data repository, including vast swathes of user information -- some of which could be considered sensitive -- such as their names, dates of birth, weight, height, gender, and GPS logs, among other datasets.