Wearable health tech startup Ultrahuman has reported a data breach where hackers gained unauthorized access to customer wellness data. The incident occurred after an employee's credentials were stolen via malware. The company informed affected customers on Wednesday, stating the breach happened on March 27 and involved a system used for internal analytics, based on information published by TechCrunch.Ultrahuman confirmed that attackers accessed customer data using credentials stolen from an employee's malware-infected laptop. This resulted in the wellness data of approximately 0.1% of its users being accessed, which could equate to at least 700 customers based on its reported user base. The company stated that no passwords, payment information, production systems, or Ultrahuman Ring devices were compromised.The threat actor obtained read-only access to the affected system, but it remains unconfirmed if any data was exfiltrated. Ultrahuman has notified regulators and is auditing the full scope of the incident.Source: TechCrunch
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related Terms
Attack VectorYou can skip this ad in 5 seconds