Most wellness apps ask for your most personal data: what you eat, how much you weigh, when you sleep, how you feel. But what happens when that data ends up somewhere it shouldn't?
This is not a hypothetical question. It has already happened, repeatedly, to some of the biggest names in health and fitness.
150 Million MyFitnessPal Accounts Breached
In February 2018, an unauthorized party breached MyFitnessPal's servers and stole data from approximately 150 million user accounts, including usernames, email addresses, and passwords. Under Armour, the app's parent company at the time, disclosed the breach a month later. It remains one of the largest data breaches in the health and fitness industry.
The root cause was simple: all that user data was stored on centralized servers. One vulnerability was all it took.
Source: CNBC, March 2018
61 Million Fitness Tracker Records Left Exposed
In September 2021, security researchers discovered that GetHealth, a third-party platform that aggregates data from wearable devices, had left an entire database completely unsecured. No password. No encryption. Just 61 million records from users of Fitbit, Apple Health, Strava, and Google Fit sitting in plain text, including names, birthdates, weight, height, and geographic location.
Users never signed up for GetHealth directly. Their data was pulled through integrations they may not have even known existed.
Source: TechTarget, September 2021
Noom Shared Health Data with Third Parties
Noom, the popular weight loss and nutrition app, was found by Privacy International to be sharing sensitive health data including height, weight, health conditions, and dietary information with companies like Braze, FullStory, and Mixpanel. Class action lawsuits alleged that Noom embedded session replay code that recorded user interactions on the app. When you entered your weight or logged a meal, that data was not just going to Noom.
Source: Privacy International
Flo Health Shared Period Data with Facebook
Flo Health, one of the most popular period and fertility tracking apps with over 100 million users, promised that intimate health data would remain private. Instead, the app shared menstrual cycle dates, pregnancy status, and symptoms with Facebook, Google, and other advertising firms without user consent. The FTC filed a formal complaint, and the case resulted in a $56 million settlement.
This was not a hack. The company chose to share the data. Users had no idea.
Source: FTC, January 2021
BetterHelp Sent Mental Health Data to Facebook and Snapchat
BetterHelp, the online therapy platform with nearly 8 million users, shared sensitive mental health data with Facebook, Snapchat, and Pinterest for targeted advertising. This included email addresses, IP addresses, and answers to personal health intake questionnaires. The company had promised users their data would stay private. The FTC ordered BetterHelp to pay $7.8 million in refunds.
If a therapy app cannot keep your data private, the problem is not the policy. It is the architecture.
Source: FTC, March 2023
The Pattern Is Clear
Every one of these incidents shares a common thread: user data was stored on servers, processed in the cloud, or shared with third parties. The moment personal data leaves your device, you lose control over it. No privacy policy, no encryption promise, and no terms of service can guarantee that a server won't be breached, a database won't be misconfigured, or a company won't quietly monetize your information.
The Only Way to Prevent This
The safest data is data that never leaves your device.
That is the principle behind Disciplines. There are no servers to breach, no databases to expose, and no third parties to share with. Your wellness data is processed and stored entirely on your iPhone. We cannot see it. We cannot access it. It does not exist anywhere except on your device.
Privacy is not a feature we added. It is our foundation.
If you have been trusting your wellness data to apps that store it in the cloud, it may be worth asking: do they need to?