My friend's mental health app got hacked and it was a nightmare

They had sensitive conversations stored that were accessed. From what I've seen, always enable two-factor authentication on any app that handles personal health data.

3 comments

3 Comments

betty_gonzalez1mo ago

Absolutely, two-factor is a must for anything that personal. My fitness tracker got breached last year and seeing my sleep patterns shared somewhere was just creepy. Makes you realize how much trust we put in these apps.

lane.morgan1mo ago

But what if the real issue isn't just security but how companies use our data? Two-factor stops someone from logging in as you, but it doesn't prevent the app itself from sharing your info. For example, a lot of free health apps make money by selling your activity trends to third parties, which is totally allowed in their fine print. So even with a strong password, your daily steps or heart rate might end up in some report. We focus on locks for the door but ignore the company handing out copies of the key. It feels like we're fixing one small leak in a much bigger problem.

the_lily1mo ago

Remember when my heart rate data from a meditation app ended up in some weird marketing report. After that I went through every app on my phone and turned off permissions for anything that didn't absolutely need it. Most of them work fine with just the basic info. It's a pain but it really cuts down on what can get out if there's another breach.