Global Edition

Philip's HealthSuite Android app poses possible security risk

Both Philips and the Department of Homeland Security warned of the app's inadequate encryption strength and vulnerability to hackers.
By Laura Lovett
December 12, 2018
02:13 pm
Share

Last week the Department of Homeland Security and Philips issued notices alerting the public to possible cyber security risks in Philip’s HealthSuite Health Android app. 

The DHS said the risk was related to inadequate encryption strength and warned that it would not be difficult for hackers to exploit this vulnerability. 

“Successful exploitation of this vulnerability may allow an attacker with physical access to impact confidentiality and integrity of the product,” the DHS wrote in its warning. 

The app can connect to Philip’s health monitoring devices including a health watch, connected scale, blood pressure monitor and thermometer. 

Earlier last week Philips also issued a statement about the potential risk, clarifying that as of now no one has reported being hacked.  

“At this time, Philips has received no reports of exploitation of this vulnerability or incidents from clinical use that we have been able to associate with this vulnerability," Philips wrote in a statement addressing the problem. "Philips analysis indicates that there is no expectation of patient hazard due to this issue."

The company said it will be launching new software in the first quarter of 2019 to address the vulnerability. Until then Philips recommends users avoid jail-breaking or rooting their smart phones. 

Why it matters

While no exploitations have been reported thus far, Philips said that if a hacker is able to access to a user’s app they could access data that could be detrimental to the “confidentiality and integrity of the product.” 

What's the trend

The digital health world is no stranger to hacks. In July, research center Appthority reported that a security vulnerability affecting more than 3,000 mobile apps was exposing more than 4 million protected health records, which include prescription details and sensitive chat messages. 

Cybersecurity made headlines last January when the Institute for United Conflict Analysts discovered that fitness app Strava’s heat map data betrayed the locations of US military bases and patrol routes. 

This prompted the pentagon to clamp down on wearable fitness devices and implement new restrictions which specify that military personal deployed in operational areas will not be allowed to use wearable trackers or smartphone apps, government issued or otherwise, that can identify their location. 

Tags: 
Philips, Philips HealthSuite, cybersecurity, Department of Homeland Security, data security, hacks

More regional news

Healthcare provider checking a small patient

Study: GPT-4 helps clinicians with physical exam guidance

By
Anthony Vecchione
December 20, 2024
Oura Ring

Oura secures $200M, boosting its valuation to $5.2B

By
Anthony Vecchione
December 20, 2024
Five business people sitting on chairs in a circle

Executives reflect on 2024's biggest surprises, part two

By
Jessica Hagen and Anthony Vecchione
December 20, 2024
Share

Top Story

Five business people sitting on chairs in a circle
Executives reflect on 2024's biggest surprises, part two

Editor's Pick

HealthTap lawsuit alleges VC firm manipulated valuation for takeover
Q&A: Hackensack Meridian Health on its AI expenditures in 2025
Surgo Health launches Youth Mental Health Tracker backed by SHOWTIME/MTV, Melinda Gates
Hinge Health joins Amazon Health Services to offer MSK care
Staffing company Aya Healthcare acquires Cross Country Healthcare for $615M
FDA issues guidance on predetermined change control plan for AI-enabled device software functions

More Stories

Healthcare provider checking a small patient
Study: GPT-4 helps clinicians with physical exam guidance
Oura Ring
Oura secures $200M, boosting its valuation to $5.2B
Person speaking to healthcare provider on a tablet
Culina Health garners $7.9M to enhance virtual nutrition platform
Healthcare professional in scrubs looking at a tablet
Executives reflect on 2024’s biggest surprises, part one
Patient consulting with healthcare professional virtually
Wisp, Nourish partner for GLP-1s nutrition counseling for women
Executives at a lecture
Scripta Insights secures $17M for health plan expansion
Business people in a meeting
Promise Bio secures $8.3M in seed investment for immune-mediated diseases
Healthcare provider with a patient and their caregiver
Suki partners with Google Cloud to enhance AI-enabled voice tool