MyFitnessPal has announced that it experienced a breach in February which saw an “unauthorised party” acquire data from around 150 million user accounts. The firm says it only became aware of the theft on March 25th. If you have an account with the service, it’s likely that your username, email address, and hashed passwords have been stolen. The passwords were hashed with bcrypt, meaning they should be secure.
In a statement, Paul Fipps, Chief Digital Officer at the firm said:
“Once we became aware, we quickly took steps to determine the nature and scope of the issue. We are working with leading data security firms to assist in our investigation. We have also notified and are coordinating with law enforcement authorities.
We are taking steps to protect our community, including the following:
- We are notifying MyFitnessPal users to provide information on how they can protect their data.
- We will be requiring MyFitnessPal users to change their passwords and urge users to do so immediately.
- We continue to monitor for suspicious activity and to coordinate with law enforcement authorities.
- We continue to make enhancements to our systems to detect and prevent unauthorized access to user information.”
Despite the measures which MyFitnessPal have taken the secure your data, there are still actions which you can take to further protect yourself. First and foremost, you should go through your online accounts and change the passwords if they are the same as the one you used on MyFitnessPal. While you’re doing this, just check that your accounts haven’t experienced any suspicious activity, for example you could check the logs to see where the accounts have been logged into from.
The company also suggests that you be careful of the emails you receive. It says that if you receive any communications asking for personal details or that refer you to a website asking for personal details you should take extra care that the request is legitimate. If you do get any emails, you should also be careful of malicious links or attachments.
With all the data that MyFitnessPal holds on you; such as your eating and drinking habits, as well as any exercise data you add, things could have been worse. Luckily, it seems just like another run-of-the-mill email address heist, and they don’t tend to cause much trouble for users.
Source: MyFitnessPal via Irish Times | Image via Rethink Breast Cancer
24 Comments - Add comment