News Feature | December 5, 2014

FDA Approved Apps Still Being Hacked

Katie Wike

By Katie Wike, contributing writer


Ninety percent of Android healthcare apps have been hacked, according to a report from Arxan Technologies.

A recent report from Arxan Technologies, State of Mobile App Security, has found FDA-approved apps are not immune to hackers. According to an infographic accompanying the report, 90 percent of Android healthcare apps were hacked - and 22 percent of those were FDA approved.

“Healthcare apps are quickly evolving to provide more than informational value of plan benefits and operations,” explains the report. “Many are now providing high-value services including dynamic access to consumer personal identifiable information (PII). PII ranges in type of data captured in relation to personal records (social security, account number, employee ID, patient data, credit card data, etc.).”

According to Healthcare IT News, Android apps are not the only ones to be hacked. Eighty-seven percent of the top 100 paid Apple iOS apps have also been hacked. This number doesn't even take into account the free apps that have been breached.

“The fact that the hacking rate is so high for healthcare apps is indicative of a possible lack of information security training and resources in the healthcare field,” an Arxan spokesperson said. Because such apps tend to hold confidential patient information, “these breaches are posing a serious risk to patient safety.”

“As such, these apps must be protected from such attacks before being recommended by physicians,” Arxan's spokesperson said. “Otherwise, a continued lack of protection will lead to data compromise and having to safeguard sensitive patient information.”

Echoing Arxon’s report was an earlier Electronic Frontier Foundation study which found only 15 percent of the top messaging apps were secure.