Wearable technology company Ultrahuman has disclosed a cybersecurity incident that allowed hackers to access wellness data belonging to a small portion of its customer base, underscoring the growing security risks facing companies that collect large amounts of personal health information. The breach stemmed from compromised employee credentials rather than a direct attack on the company’s products or customer accounts.
Founded in 2019, Ultrahuman is one of the most prominent smart-ring manufacturers, competing directly with companies such as Oura in the rapidly expanding wearable health technology market.
According to the company, the intrusion occurred on March 27 when attackers gained access to an internal analytics system using credentials stolen from an employee laptop that had been infected with malware. Once the credentials were compromised, the attackers were able to enter a platform used internally for analyzing customer data. Ultrahuman said its security monitoring systems detected the activity within hours, after which the affected system was taken offline and all unauthorized access was revoked.
The company stated that approximately 0.1% of its users were affected by the incident. While Ultrahuman declined to reveal the exact number of customers involved, reports indicate that the company has previously cited a user base of roughly 700,000 active users, suggesting that hundreds of customers may have had some of their wellness information exposed.
Additionally, the company also emphasized that the breach did not compromise passwords, payment information, production systems, or customer devices and its wearable products, including smart rings and related hardware, remained secure throughout the incident.
However, it’s still unclear what kind of data was accessed. Ultrahuman referred to the exposed records as “wellness data” but has not publicly provided a detailed breakdown of the affected data categories. Given the company’s focus on health tracking, its platform stores a wide range of user information, including sleep patterns, activity levels, heart rate metrics, recovery data, skin temperature readings, and other health-related measurements generated through its wearable devices and mobile applications.
The company said it delayed notifying affected customers while conducting a forensic investigation to determine the scope of the incident and identify exactly what information had been accessed. Regulators have also been informed as part of the company’s response process.
The breach highlights a growing challenge for the wearable technology industry. As smart rings, fitness trackers, and digital health platforms become more sophisticated, they collect increasingly detailed information about users’ lifestyles, physical conditions, and daily habits. While this data enables personalized health insights, it also creates attractive targets for cybercriminals seeking access to sensitive personal information.
Cybersecurity experts note that many modern breaches no longer begin with attacks on corporate servers. Instead, attackers frequently target employees through phishing campaigns, malware infections, or credential theft. Once valid login credentials are obtained, hackers can often bypass many traditional security defenses because they appear to be legitimate users. The Ultrahuman incident appears to follow this increasingly common pattern.
