Do you work out? Before COVID-19 struck, over 1 in 5 Americans belonged to at least one health club or studio in the US in 2019. As gyms and fitness centers were forced to shut down due to the pandemic, more people have started to do exercise at home. You may want to buy exercise equipment or sign up for online physical training memberships, but please also beware of your cybersecurity fitness. Continue reading to learn cybersecurity risks associated with fitness and how to protect yourself when you work out at home:
What’s the risk?
1. Device compromised due to malware attacks
For example, it is reported that Peloton, a famous exercise equipment company in the USA, had cybersecurity issues with their fitness products in June 2021.
Vulnerabilities were found in some Peloton bikes, enabling hackers to gain access to the devices (Peloton Bike+ or a Peloton Tread) and take control over them. Hackers could then install and run malicious apps in your Peloton bike (disguised as normal ones like Netflix or Spotify), opening backdoor access and spying on you remotely without your knowledge.
Hackers could steal all your sensitive credentials and use them for identity theft. Or, your camera and microphone could be compromised; your workout could be watched or even recorded unknowingly.
2. Personal information leaked in data leakes
Besides malicious attacks, data leaks also happen every now and then in health and fitness industry. Here are some examples:
- Total Fitness
Total Fitness, a UK health club, has confirmed a data leak in February 2021, exposing members’ banking information including account numbers. Total Fitness stressed that credit card information was not accessed, but there could still be cybersecurity risks – with the personal information stolen, hackers can commit identity theft.
- Town Sports International
Back in September 2020, Town Sports International, a US fitness chain, suffered a data leak, with over 600,000 people’s personal information leaked.
As BleepingComputer reported, leaked information included users’ names, addresses, phone numbers, email addresses, last four digits of credit cards, credit card expiration dates, and their billing history.
Cybercriminal could send users text messages or emails with phishing links and make them seem more convincing with these sensitive credentials, prompting users to click on the link and stealing further personal information.
Check if your email address is pwned right away:
How to protect your cybersecurity fitness
- Use stronger passwords.
- Check bank statements, bills, and credit reports regularly to see if there are uncommon issues over your account.
- Never click on links from unknown sources. Use Trend Micro Check for immediate scam detection.
- If your email or other login credentials are included in data leakes, please change passwords immediately.
Use Trend Micro ID Security to find out if your information was leaked in a data leak. Trend Micro ID Security can monitor your identifying data and alert you if any of them has been compromised.
Trend Micro ID Security includes:
- Email Checker: Monitors whether your email account has been involved in a leak
- Credit Card Checker: Finds out if someone has stolen your credit card number due to a leak
- Password Checker: Verifies if you have used a password currently in circulation on the dark web
Dark Web Personal Data Monitor: Scans the dark web for sensitive personal data such as your bank account number, driver’s license data, social security number, and passport details
Scan the QR code below to download Trend Micro ID Security for Android/iOS now:
Or click the button for more information about Trend Micro ID Security: