Última hora
RUГруппировка "Восток" продвинулась вглубь обороны противника, ВСУ понесли потериTRTrump'ın Ankara Ziyareti Öncesi Güvenlik Önlemleri ve Otel DetaylarıTRReal Madrid'in Haaland Transfer Stratejisi: Vinicius'un Geleceği BelirsizARضبط 127 مليار دينار و24 مليون دولار في قضية فساد وكيل وزارة النفط العراقيARثنائي باريس سان جيرمان يقود البرتغال في كأس العالم 2026.. والغموض يكتنف قرار فيفا بشأن بالوغونSEFifa bryter mot sina egna regler för att blidka politikerCN美智庫報告:中國面臨「台灣海峽困境」而非「馬六甲困境」TRTürkiye'de Sıcak Hava Dalgaları Devam EdecekARتوتنهام يضم لاعب الوسط الإيطالي تونالي في صفقة ضخمةUKWegovy Weight-Loss Pill Now Available in UK Pharmacies, Not Yet on NHSRUГруппировка "Восток" продвинулась вглубь обороны противника, ВСУ понесли потериTRTrump'ın Ankara Ziyareti Öncesi Güvenlik Önlemleri ve Otel DetaylarıTRReal Madrid'in Haaland Transfer Stratejisi: Vinicius'un Geleceği BelirsizARضبط 127 مليار دينار و24 مليون دولار في قضية فساد وكيل وزارة النفط العراقيARثنائي باريس سان جيرمان يقود البرتغال في كأس العالم 2026.. والغموض يكتنف قرار فيفا بشأن بالوغونSEFifa bryter mot sina egna regler för att blidka politikerCN美智庫報告:中國面臨「台灣海峽困境」而非「馬六甲困境」TRTürkiye'de Sıcak Hava Dalgaları Devam EdecekARتوتنهام يضم لاعب الوسط الإيطالي تونالي في صفقة ضخمةUKWegovy Weight-Loss Pill Now Available in UK Pharmacies, Not Yet on NHS
Newsgather
BackUltrahuman data breach exposes wellness data of ~700 users
Ultrahuman data breach exposes wellness data of ~700 users
Urgente
TechCrunch03.06.2026Tecnología2 dk okumaUnited States

Ultrahuman data breach exposes wellness data of ~700 users

En resumen

  • Wearable health-tech startup Ultrahuman confirmed a data breach on March 27, where hackers accessed customer wellness data after stealing an employee's credentials via malware.
  • Approximately 700 users' data was accessed, though no payment or password information was compromised.

Resumen generado por IA

Por qué importa

Wearable health-tech startup Ultrahuman, based in India, sells smart rings and metabolic health-tracking devices. The company experienced a data breach on March 27, 2026, where hackers gained unauthorized access to customer wellness data.

Tamaño de fuente

Wearable health-tech startup Ultrahuman said hackers gained unauthorized access to customers’ wellness data after stealing an employee’s credentials through malware.

On Wednesday, the India-based startup informed affected customers of the incident via email, stating that the breach occurred on March 27 and involved a system used for internal analytics. The company said it detected the intrusion promptly, took the affected system offline, and revoked all access.

Founded in 2019, Ultrahuman sells smart rings and metabolic health-tracking devices that enable users to monitor metrics such as sleep, activity and recovery. The startup is best known for its Ring Air, which competes with the Oura Ring, and recently introduced the Ring Pro with upgraded sensors and battery life.

Confirming the incident, Ultrahuman told TechCrunch that the attackers gained access using credentials stolen from an employee’s malware-infected laptop, resulting in wellness data belonging to about 0.1% of users being accessed.

Based on the company’s previously reported figure of roughly 700,000 monthly active users, that would equate to at least 700 customers who had their health data accessed. Ultrahuman did not dispute this figure, but declined to disclose the exact number of customers affected. The company said no passwords, payment information, production systems, or Ultrahuman Ring devices were compromised.

“Our security alerting systems detected the incident within hours, and we closed the vulnerability swiftly,” Ultrahuman CEO Mohit Kumar said in a statement to TechCrunch.

Kumar added that the startup was notifying regulators and had delayed informing affected users while it audited the full scope of the incident and determined what data had been affected.

Ultrahuman declined to share any details on whether it received any communication from the hackers responsible for the incident, nor say what exactly constitutes “wellness data.” The breach highlights how wellness tracker startups, like Ultrahuman and also Oura, store users’ data on their servers in a way that allows their employees — as well as governments and malicious hackers — to access customers’ health data.

The startup said in an FAQ published on its website that the threat actor obtained “read-only” access to the affected system. However, the company declined to confirm whether its investigation had determined if any customer data was exfiltrated.

Preguntas abiertas

  • What specific types of 'wellness data' were accessed?
  • Was any customer data actually exfiltrated, or was access strictly 'read-only'?
  • Did Ultrahuman receive any communication from the hackers?
  • What specific malware was used to infect the employee's laptop?

Temas relacionados

This article was originally published by TechCrunch.

Noticias relacionadas

Más sobre este temaUltrahuman