Healthcare IT News February 9, 2021
Dave Muoio

Thirty mobile health apps from larger healthcare information technology companies were susceptible to a broken object level authorization (BOLA) attack.

A recent report testing the security capabilities of several mobile health apps highlighted “systemic” shortcomings and vulnerabilities that could lead to the exposure of users’ sensitive health and identity information.

Conducted by cybersecurity marketing firm Knight Ink and sponsored by mobile app API security company Approov, the investigation reverse-engineered 30 mobile health apps using an open source security framework, analyzed their static code and then penetration-tested their APIs.

The report did not disclose the names of the tested apps or developers (some of whom agreed to provide access to the investigation under the condition of anonymity), but noted that they...

Today's Sponsors

Venturous
Got healthcare questions? Just ask Transcarent

Today's Sponsor

Venturous

Continue Reading

 
Topics: Apps, Cybersecurity, Digital Health, Health IT, mHealth, Patient / Consumer, Provider, Survey / Study, Technology, Trends
Related Articles:
Beyond encryption: Why quantum computing might be more of a science boom than a cybersecurity bust
Most Healthcare Providers Remain Highly Vulnerable to Ransomware Attacks
FBI says terrorist threat against hospitals not credible
Why Your Browsers Should Be At The Center Of Your Cybersecurity Strategy
The watchful AI that never sleeps: Hakimo’s $10.5M bet on autonomous security

Share This Article