Data leaks have been found in two apps: Hzone, a dating app for HIV-positive individuals, and iFit, which uses health information to track fitness progress, according to DataBreaches. The Hzone vulnerability has compromised the health data of nearly 5,000 individuals and iFit's leak compromises data from more than 576,000 users.
Chris Vickery, a white-hat hacker and researcher who works to identify weaknesses in cybersecurity, reported the two breaches to DataBreaches, which covers hacking and data breach news, according to two Monday posts on the website. Mr. Vickery sent screenshots of sensitive health information he was able to access to DataBreaches on Dec. 8 and reported that as of Dec. 13, the information was still accessible, although it was secured later that day.
Mr. Vickery notified iFit of the vulnerability on Dec. 10 and submitted a support ticket the following day when he did not receive a response. iFit responded saying the data he had accessed contained actual patient information, but was several years old, according to DataBreaches.