The Under Armour owned food tracking service, MyFitnessPal, was hacked in February of this year and is just now letting customers know. According to an email to customers, the service somehow was only notified themselves about the hack on March 25, 2018.
On March 25, 2018, we became aware that during February of this year an unauthorized party acquired data associated with MyFitnessPal user accounts.
The service also notified customers about the type of information that was obtained by hackers:
The affected information included usernames, email addresses, and hashed passwords – the majority with the hashing function called bcrypt used to secure passwords.
Fortunately, for those that subscribe to the premium service, MyFitnessPal states that credit card information was not stolen because that information is handled differently.
Obviously, if you start receiving an additional load of strange Spam emails its probably due to this reason. Reports over the past couple weeks do show an increase activity where Spam filters are not catching emails that customers believe should be filtered out.
myFitnessPal has notified law enforcement and is working to investigate the breach further. It also provides the following next steps for customers…
- We are notifying MyFitnessPal users to provide information on how they can protect their data.
- We will be requiring MyFitnessPal users to change their passwords and urge users to do so immediately.
- We continue to monitor for suspicious activity and to coordinate with law enforcement authorities.
- We continue to make enhancements to our systems to detect and prevent unauthorized access to user information.
Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in Dallas, Texas in 2018!