Owners of Ultrahuman products have received a note from founder and CEO Mohit Kumar advising of a recent security incident and next steps. While the company says there’s no evidence of misuse of personal information, its still warning customers to take precautions.
The incident occurred on March 27, 2026 at which point Kumar notes that an unauthorized third-party gained read-only access to an internal system thatis used for internal analytics. “No passwords, card details, or payment data were involved,” he writes in the letter, “and we have found no evidence of misuse.
The access was limited, he advises, so the individual or group was not able to modify or delete data. The incident was quickly identified, the affected system was taken offline, and all access was revoked.
What personal information was disclosed? The hackers will have gotten hold of contact and account details as well as order and transaction history. But as noted, no passwords, payment or credit card information, or wellness data were accessible or affected by this incident. “Your Ultrahuman Ring continues to operate normally and to record accurate wellness information,” Kumar continues.
Once the system was taken offline and access revoked, Ultrahuman says it “strengthened access control policies across internal systems, including least-privilege access reviews; hardened endpoint security on all employee devices, with stricter configuration controls and continuous monitoring; increased the frequency of periodic access audits across internal tooling; and deployed export-volume anomaly detection and alerting on internal systems.” The company has also continued to conduct “active monitoring of public and other internet channels for any evidence of the publication or further misuse of the accessed information. To date, we have not identified any such publication or misuse.”
If you own and use an Ultrahuman Ring and have downloaded the companion app, Ultrahuman advises to be on the alert for phishing attempts. Any e-mails, text messages, or phone calls you receive purporting to come from Ultrahuman should be treated with caution. Do not click any links and note that Ultrahuman would never ask you to confirm details like your password, payment details, or other personal information via e-mail or text.
Those with further questions can e-mail [email protected] with the subject line “Security Incident.” The full legal notice is available at ultrahuman.com/legal/notice-march-2026.