Healthcare IT News, February 9, 2021
Thirty mobile health apps from larger healthcare information technology companies were susceptible to a broken object level authorization (BOLA) attack.
A recent report testing the security capabilities of several mobile health apps highlighted “systemic” shortcomings and vulnerabilities that could lead to the exposure of users’ sensitive health and identity information.
Conducted by cybersecurity marketing firm Knight Ink and sponsored by mobile app API security company Approov, the investigation reverse-engineered 30 mobile health apps using an open-source security framework, performed static analysis of their code and then penetration-tested their APIs.
The report did not disclose the names of the tested apps or developers (some of whom agreed to provide access to the investigation under the condition of anonymity), but noted that they...