{"id":55395,"date":"2026-03-10T11:33:22","date_gmt":"2026-03-10T15:33:22","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=55395"},"modified":"2026-03-10T11:36:08","modified_gmt":"2026-03-10T15:36:08","slug":"mental-health-apps-issues-2026","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/mental-health-apps-issues-2026\/55395\/","title":{"rendered":"Brain drain: vulnerabilities in mental health apps"},"content":{"rendered":"

In February 2026, the cybersecurity firm Oversecured published a report that makes you want to factory reset your phone and move into a remote cabin in the woods. Researchers audited<\/a> 10 popular Android mental health apps \u2014 ranging from mood trackers and AI therapists to tools for managing depression and anxiety \u2014 and uncovered\u2026 1575 vulnerabilities! Fifty-four of those flaws were classified as critical. Given the download stats on Google Play, as many as 15 million people could be affected. The real kicker? Six out of the ten apps tested explicitly promised users that their data was \u201cfully encrypted and securely protected\u201d.<\/p>\n

We\u2019re breaking down this scandalous \u201cbrain drain\u201d: what exactly could leak, how it\u2019s happening, and why \u201canonymity\u201d in these services is usually just a marketing myth.<\/p>\n

What was found in the apps<\/h2>\n

Oversecured is a mobile app security firm that uses a specialized scanner to analyze APK files for known vulnerability patterns across dozens of categories. In January 2026, researchers ran ten mental health monitoring apps from Google Play through the scanner \u2014 and the results were, shall we say, \u201cspectacular\u201d.<\/p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
App Type<\/td>\nInstalls<\/td>\nSecurity vulnerabilities<\/td>\n<\/tr>\n
High-severity<\/td>\nMedium-severity<\/td>\nLow-severity<\/td>\nTotal<\/td>\n<\/tr>\n
Mood & habit tracker<\/td>\n10M+<\/td>\n1<\/td>\n147<\/td>\n189<\/td>\n337<\/td>\n<\/tr>\n
AI therapy chatbot<\/td>\n1M+<\/td>\n23<\/td>\n63<\/td>\n169<\/td>\n255<\/td>\n<\/tr>\n
AI emotional health platform<\/td>\n1M+<\/td>\n13<\/td>\n124<\/td>\n78<\/td>\n215<\/td>\n<\/tr>\n
Health & symptom tracker<\/td>\n500k+<\/td>\n7<\/td>\n31<\/td>\n173<\/td>\n211<\/td>\n<\/tr>\n
Depression management tool<\/td>\n100k+<\/td>\n0<\/td>\n66<\/td>\n91<\/td>\n157<\/td>\n<\/tr>\n
CBT-based anxiety app<\/td>\n500k+<\/td>\n3<\/td>\n45<\/td>\n62<\/td>\n110<\/td>\n<\/tr>\n
Online therapy & support community<\/td>\n1M+<\/td>\n7<\/td>\n20<\/td>\n71<\/td>\n98<\/td>\n<\/tr>\n
Anxiety & phobia self-help<\/td>\n50k+<\/td>\n0<\/td>\n15<\/td>\n54<\/td>\n69<\/td>\n<\/tr>\n
Military stress management<\/td>\n50k+<\/td>\n0<\/td>\n12<\/td>\n50<\/td>\n62<\/td>\n<\/tr>\n
AI CBT chatbot<\/td>\n500k+<\/td>\n0<\/td>\n15<\/td>\n46<\/td>\n61<\/td>\n<\/tr>\n
Total<\/strong><\/td>\n14.7\u041c+<\/strong><\/td>\n54<\/strong><\/td>\n538<\/strong><\/td>\n983<\/strong><\/td>\n1575<\/strong><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
\n

Vulnerabilities found in the 10 tested mental health apps. Source<\/a><\/p>\n<\/div>\n

The anatomy of the flaws<\/h2>\n

The discovered vulnerabilities are diverse, but they all boil down to one thing: giving attackers access to data that should be under lock and key.<\/p>\n

For starters, one of the vulnerabilities allows an attacker to access any internal activity of the app \u2014 even that never intended for external eyes. This opens the door to hijacking authentication tokens and user session data. Once an attacker has those, they essentially could gain access to a user\u2019s therapy records.<\/p>\n

Another issue is insecure local data storage with read permissions granted to any other app on the device. In other words, that random flashlight app or calculator on your smartphone could potentially read your cognitive behavioral therapy (CBT) logs, personal notes, and mood assessments.<\/p>\n

The researchers also found unencrypted configuration data baked right into the APK installation files. This included backend API endpoints and hardcoded URLs for Firebase databases.<\/p>\n

Furthermore, several apps were caught using the cryptographically weak java.util.Random<\/em> class to generate session tokens and encryption keys.<\/p>\n

Finally, most of the tested apps lacked root\/jailbreak detection. On a rooted device, any third-party app with root privileges could gain total access to every bit of locally stored medical data.<\/p>\n

Shockingly, of the 10 apps analyzed, only four received updates in February 2026. The rest haven\u2019t seen a patch since November 2025, and one hasn\u2019t been touched since September 2024. Going 18 months without a security patch is a lifetime in this industry \u2014 especially for an app housing mood journals, therapy transcripts, and medication schedules.<\/p>\n

Here\u2019s a quick reminder of just how dangerous the misuse of this type of data gets. In 2024, the tech world was rocked by a sophisticated attack on XZ Utils<\/a>, a critical component found in virtually every operating system based on the Linux kernel. The attacker successfully pressured the maintainer into handing over code commit permissions by exploiting the developer\u2019s public admission of burnout and a lack of motivation to carry on with the project. Had the attack been completed, the damage would have been mind-boggling given that roughly 80% of the world\u2019s servers run on Linux.<\/p>\n

What could leak?<\/h2>\n

What do these apps collect and store? It\u2019s the kind of stuff you\u2019d likely only share with a trusted clinician: therapy session transcripts, mood logs, medication schedules, self-harm indicators, CBT notes, and various clinical assessment scales.<\/p>\n

As far back as 2021, complete medical records were selling on the dark web for US$1000 each<\/a>. For comparison, a stolen credit card number goes for anywhere between US$5 and US$30. Medical records contain a full identity package: name, address, insurance details, and diagnostic history. Unlike a credit card, you can\u2019t exactly \u201creissue\u201d your medical history. Furthermore, medical fraud is notoriously difficult to spot. While a bank might flag a suspicious transaction in hours, a fraudulent insurance claim for a phantom treatment can go unnoticed for years.<\/p>\n

We\u2019ve seen this movie before<\/h2>\n

The Oversecured study isn\u2019t just an isolated horror story.<\/p>\n

Back in 2020, Julius Kivim\u00e4ki hacked the database of the Finnish psychotherapy clinic Vastaamo<\/a>, making off with the records of 33\u00a0000 patients. When the clinic refused to cough up a \u20ac400\u00a0000 ransom, Kivim\u00e4ki began sending direct threats to patients: \u201cPay \u20ac200 in Bitcoin within 24 hours, or else your records go public\u201d. Ultimately, he leaked the entire database onto the dark web anyway. At least two people died by suicide, and the clinic was forced into bankruptcy. Kivim\u00e4ki was eventually sentenced to six years and three months in prison, marking a record-breaking trial in Finland for the sheer number of victims involved.<\/p>\n

In 2023, the U.S. Federal Trade Commission (FTC) slapped the online therapy giant BetterHelp<\/a> with a US$7.8 million fine. Despite stating on their sign-up page that your data was strictly confidential, the company was caught funneling user info \u2014 including mental health questionnaire responses, emails, and IP addresses \u2014 to Facebook, Snapchat, Criteo, and Pinterest for targeted advertising. After the dust settled, 800\u00a0000 affected users received a grand total of\u2026 US$10 each in compensation.<\/p>\n

By 2024, the FTC set its sights on the telehealth firm Cerebral<\/a>, tagging them with a US$7 million fine. Through tracking pixels<\/a>, Cerebral leaked the data of 3.2 million users to LinkedIn, Snapchat, and TikTok. The haul included names, medical histories, prescriptions, appointment dates, and insurance info. And the cherry on top? The company sent promotional postcards (sans envelopes) to 6000 patients, which effectively broadcasted that the recipients were undergoing psychiatric treatment.<\/p>\n

In September 2024, security researcher Jeremiah Fowler stumbled upon an exposed database belonging to Confidant Health<\/a>, a provider specializing in addiction recovery and mental health services. The database contained audio and video recordings of therapy sessions, transcripts, psychiatric notes, drug test results, and even copies of driver\u2019s licenses. In total, 5.3 terabytes of data, 126\u00a0000 files, or 1.7 million records were sitting there without a password.<\/p>\n

Why anonymity is an illusion<\/h2>\n

Developers love to drop the line: \u201cWe never share your personal data with anyone.\u201d Technically, that might be true \u2014 instead, they share \u201canonymized profiles\u201d. The catch? De-anonymizing that data isn\u2019t exactly rocket science anymore. Recent research<\/a> highlights that using LLMs to strip away anonymity has become a routine reality.<\/p>\n

Even the \u201canonymization\u201d process itself is often a mess. A study by Duke University<\/a> revealed that data brokers are openly hawking the mental health data of Americans. Out of 37 brokers surveyed, 11 agreed to sell data linked to specific diagnoses (like depression, anxiety, and bipolar disorder), demographic parameters, and in some cases, even names and home addresses. Prices started as low as US$275 for 5000 aggregated records.<\/p>\n

According to the Mozilla Foundation<\/a>, by 2023, 59% of popular mental health apps failed to meet even the most basic privacy standards, and 40% had actually become less secure than the previous year. These apps allowed account creation via third-party services (like Google, Apple, and Facebook), featured suspiciously brief privacy policies that glossed over data collection details, and employed a clever little loophole: some privacy policies applied strictly to the company\u2019s website, but not the app itself. In short, your clicks on the site were \u201cprotected\u201d, but your actions within the app were fair game.<\/p>\n

How to protect yourself<\/h2>\n

Cutting these apps out of your life entirely is, of course, the most foolproof option \u2014 but it\u2019s not the most realistic one. Besides, there\u2019s no guarantee you can actually nuke the data already collected \u2014 even if you delete your account. We previously covered the grueling process of scrubbing your info from data broker databases<\/a>; it\u2019s possible, but prepare for a headache. So, how can you stay safe?<\/p>\n