Healthcare IT News February 9, 2021
Dave Muoio

Thirty mobile health apps from larger healthcare information technology companies were susceptible to a broken object level authorization (BOLA) attack.

A recent report testing the security capabilities of several mobile health apps highlighted “systemic” shortcomings and vulnerabilities that could lead to the exposure of users’ sensitive health and identity information.

Conducted by cybersecurity marketing firm Knight Ink and sponsored by mobile app API security company Approov, the investigation reverse-engineered 30 mobile health apps using an open source security framework, analyzed their static code and then penetration-tested their APIs.

The report did not disclose the names of the tested apps or developers (some of whom agreed to provide access to the investigation under the condition of anonymity), but noted that they...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Apps, Cybersecurity, Digital Health, Health IT, mHealth, Patient / Consumer, Provider, Survey / Study, Technology, Trends
Related Articles:
Ongoing Play Ransomware Attack—What You Need To Know
Five Trends In Destructive Cyberattacks For 2025
Health system ransomware attacks surge in '24
2025 Will Be A Huge Year For The $220 Billion Dollar Cybersecurity Industry
The Cybersecurity Crystal Ball: 3 Predictions For 2025

Share This Article