MyFitnessPal is a fitness tracking app that was created in 2005, then in 2015, Under Armor purchased it for $475 million. On March 25, 2018, Under Armor alerted customers that a MyFitnessPal data breach had occurred, affecting 150 million accounts. Under Armor wasted no time notifying the authorities and customers. Cybersecurity experts secured the app and are continuously monitoring for any unusual or suspicious activity. They also required every user to reset their password. Although there are no clear details on why the MyFitnessPal breach occurred, experts are speculating that it was due to a vulnerability in the security of the MyFitnessPal server and possibly the actions of an employee.
When Was the MyFitnessPal Data Breach?
The MyFitnessPal data breach occurred in February of 2018. The hackers obtained usernames, passwords (hashed), and email addresses. A year later, this data by the MyFitnessPal hack was found on the dark web being sold for around $20,000. Under Armor had already reset all affected user’s passwords, so essentially, the information is useless except if used for phishing emails or other identity theft scams.
How to Check if Your Data Was Breached By MyFitnessPal Hack
If you were a user of the MyFitnessPal data breach in 2018, you were affected. You should have received a notice from the app to reset your password. Additionally, MyFitnessPal posted a notice of the MyFitnessPal breach and also an FAQ page with answers to popular questions by customers affected by the MyFitnessPal data breach.
What to Do if Your Data Was Stolen By MyFitnessPal Breach
If you use the app regularly, by now, you have reset your password. However, you should also consider a few other changes, such as:
-
If you used the same password for MyFitnessPal on other websites, change it immediately.
-
Review your credit card and bank statements each month looking for any suspicious activity.
-
Get a copy of your credit report and sign up for credit monitoring (IDStrong.com does this for you).
-
Run a full antivirus scan of your computer.
Also, watch out for emails that look like they came from MyFitnessPal, but the links go to a fake or spoofed website.
Can MyFitnessPal Data Breach Cause Identity Theft?
The information stolen by thieves by the MyFitnessPal data breach and then sold on the dark web is precisely the type of information cybercriminals use to launch phishing attacks and scams for identity theft. They use the email addresses and logins to send out emails, luring customers into clicking a link or downloading some attachment and infecting their computer with a virus or malware. Sometimes these viruses allow criminals to take control of your computer, and they demand ransom to release it; this is called ransomware, and it is becoming very common.
What to Do to Protect Yourself When Using Mobile Apps
Mobile apps like MyFitnessPal have become a big part of our daily lives. Depending on the app, it may collect and store a lot of personal information about you. That information is then at the mercy of the security on the server where it resides. The best way to protect yourself is by being careful and selective when giving out your personal details.
-
Trust only verified apps that have good reputations.
-
Use a distinct password for each app you use, never reuse the same one.
-
When creating passwords, make them long and strong (a combination of symbols, letters, and numbers).
-
Install antivirus on your computer and run scans often.
-
Never open emails from someone you don’t know.
-
Do not click links in emails or download any attachments.
-
Always look for the “lock” symbol or https when visiting online app portals to make sure they are secured.
