All of the 30 popular mHealth apps that were tested are vulnerable to API attacks that can allow unauthorized access to full patient records including protected health information (PHI) and personally identifiable information (PII) The Knight Ink vulnerability research study details findings, and also notes that the results are particularly worrisome given the increased reliance on apps during the global pandemic. The average number of downloads for each app tested was 772,619, and it’s estimated that the 30 apps exposed expose some 23 million mHealth users.
Source: https://www.helpnetsecurity.com/2021/02/12/mhealth-apps-expose-pii-phi-through-apis/