Ultrahuman Hacked: User Data Stolen

Ultrahuman, a wearable tech startup, announced that hackers accessed customer health data after infiltrating an employee's computer via malware. The India-based company notified affected users by email, stating the incident occurred on March 27 in one of its internal analytics systems. Techcrunch.com reports on this. report .

Founded in 2019, Ultrahuman primarily sells smart rings and metabolic health devices that track sleep, activity, and recovery metrics. The company's Ring Air and recently launched Ring Pro models compete with brands like Oura Ring. Company representatives confirmed to TechCrunch that hackers gained access using login credentials stolen from an employee's laptop.

Preliminary estimates suggest approximately 0.1% of users were affected by this breach. Given that the Ultrahuman platform has nearly 700,000 active users, the personal health data of at least 700 individuals may have been compromised. While the company has not disclosed the exact number, it emphasizes that passwords, payment information, and Ultrahuman Ring devices themselves were not directly compromised.

Ultrahuman CEO Mohit Kumar stated that security systems detected the incident within hours and the vulnerability was immediately patched. He explained that the delay in notifying users was due to the need to fully investigate the scope of the incident and determine exactly what type of data had leaked.

This cyberattack has once again highlighted concerns regarding how health-tracking startups like Ultrahuman and Oura store user data on their servers. It remains unclear whether the hackers merely viewed the data or exfiltrated it.