Fitbit Hacking – Are Your Wearable Devices At Risk?

Some of the hottest holiday gifts this past season were the wearable fitness tracking devices such as Fitbit, Runtastic Orbit & Mio Fuse.  But apparently the hackers of the world were paying attention as well and there have been reports of Fitbit accounts and other wearable technology accounts being compromised.  This was not reported as a breach on a large scale where a customer database was hacked.  It appears to have been some isolated incidents where customer usernames & passwords may have purchased on the black market where stolen account information is often bought and sold.

In the reported cases, the Fitbit identity thieves changed the account information shortly after stealing it.  This prevented the true account owners from accessing their accounts.  The criminals then used the stolen accounts to request replacement devices under warranty by reporting them as “faulty”.  In most cases, it was the more expensive Fitbit & wearable hardware that was the target of the scammers.  Its also scary to think of the personal health information that may be accessible to anyone who hacks a Fitbit account.   Previous articles on the topic have stated that a Fitbit type device can be hacked in less than 10 seconds.

As reported by Mr. Krebs, Fitbit’s cybersecurity team recently assigned risk levels to incoming requests. He quoted Fitbit’s CSO, Marc Bown as saying: “If we see an account that was used in a suspicious way or a large number of login requests for accounts coming from a small group of Internet addresses, we’ll lock the account and have the customer reconfirm specific information.” Not surprisingly, Fitbit has plans to introduce two-factor authentication to combat hijacking of Fitbit accounts via the company website.

You can read more about the Fitbit hacking incidents here.

Related Fitbit hacking resources:

https://www.schneier.com/blog/archives/2015/10/hacking_fitbit.html

https://www.theregister.co.uk/2015/10/21/fitbit_hack/

https://www.engadget.com/2015/10/21/fitbit-tracker-bluetooth-vulnerability/


Does Wearable Technology Increase The Risk of Identity Theft

The use of wearable technology in aiding the processes of collecting, delivering and using information has become incredibly popular. People nowadays make use of smart watches, fitness bands and other various wearable gadgets. It is great that we have become more connected using technology, however, one should still be concerned about their security and privacy while they are using those devices.

Senator Chuck Schumer of New York has garnered attention regarding the issues related to privacy protection that are connected with these wearables when he asked the Federal Trade Commission to start regulating the collected data by devices that tracks one’s activity just like what the fitness bands do. He said that the data collected by these devices should be personal. Moreover, the data collected could lead into a privacy nightmare once they have been sold to third parties without even the user’s consent.  There’s an interesting article about wearable data collection privacy on Politico.com, which believes that more regulation is not necessarily the way to go.

Technology giants poised to reap billions from selling “wearables” and other personal health technology are furiously lobbying Capitol Hill with a strong message: Don’t regulate our Fitbits. Read more here:

While some of these companies like the FitBit have tried addressing concerns regarding their security, there is no wonder why many people are still worried about it. After all, these wearables collect all sorts of personal information about the user. Moreover, some of these devices attract identity thieves by acquiring the user’s sensitive data without their consent or by being vulnerable to hacking.

Therefore, you need to know how to decrease you risk of becoming a victim of identity theft while you are wearing this technology by taking these precautions:

Read the company’s privacy policy

The privacy policy was created to tell you about everything you need to know about how these devices are collecting and using your information. You should always remember that these policies might be updated from time to time. Therefore, once you have been notified about it, you should read and review them carefully. You should find out what information they collect, how it is stored and whether they share it to a third party. You should also remember that these policies are not regulated federally. Therefore, it may vary from business to business. Moreover, no laws have been mandating the things needed to be protected. Therefore, there are cases where the company providing these devices do not have any privacy policy.

Only use secure networks

You should use a secure Wi-Fi network as much as possible. By doing so, you are decreasing your risk of becoming a victim of identity theft. In addition, you should never send any kind of information through a public network for it could be quite risky.

Opt out

If tracking your location and information is not needed for use of the device, find out if the service allows you to opt out. There are cases where it could be as simple as just turning off the Bluetooth feature of the device or requesting that you be removed from the company directly.

Go for strong passwords.

Most of these devices ask the users to create an account where they need to choose their username and password. Therefore, you need to carefully create your passwords. You should mix up letters and numbers with symbols and cases. If you have multiple accounts, it is not advised to use the same passwords for all of them.

Wearable technology is quickly becoming a major trend that is unlikely to go away any time soon. Therefore, we all need to make sure that our safety and identity should not be compromised while using them.

Related Article: The Best Credit Monitoring Services for 2017