MyFitnessPal Data Breach Impacts 150 Million User Accounts

MyFitnessPal parent company Under Armour today announced that MyFitnessPal has been the victim of a hacking incident, which has seen personal details of approximately 150 million user accounts accessed in a data breach.

MyFitnessPal is a popular health and fitness iOS app and website that's used by many iPhone and iPad owners, and it is consistently among the top Health and Fitness apps in the App Store.


The breach, which happened in late February, included usernames, emails, and encrypted passwords. Credit card numbers from paying customers were not accessed.

Under Armor has already been sending emails and in-app messages to its customers who were affected by the breach. The company says it is working with "leading data security firms" to assist in its investigation.

MyFitnessPal users will be required to change their passwords.



Top Rated Comments

(View all)
Avatar
17 months ago




Social security numbers, driver license numbers, and credit/debit card information were not accessed.

Article Link: MyFitnessPal Data Breach Impacts 150 Million User Accounts ('https://www.macrumors.com/2018/03/29/myfitnesspal-data-breach/')


Uh, whoever wrote this article needs to quote from the actual MFP/UA release:

"The affected data did not include government-issued identifiers (such as Social Security numbers and driver's license numbers) because we don't collect that information from users. Payment card data was not affected because it is collected and processed separately."

FAQ #3: https://content.myfitnesspal.com/security-information/FAQ.html
Rating: 26 Votes
Avatar
17 months ago


The breach, which happened in late February, included usernames, emails, and encrypted passwords. Social security numbers, driver license numbers, and credit/debit card information were not accessed.


Serious question: Why the F does MyFitnessPal need someone's SSN or Driver's License number? ...Isn't the point to track your food intake and weight?
Rating: 19 Votes
Avatar
17 months ago

Social security numbers, driver license numbers, and credit/debit card information were not accessed.

Article Link: MyFitnessPal Data Breach Impacts 150 Million User Accounts ('https://www.macrumors.com/2018/03/29/myfitnesspal-data-breach/')


The British Crown Jewels, the Mona Lisa, and the US Declaration of Independence were also left alone...
Rating: 8 Votes
Avatar
17 months ago

Serious question: Why the F does MyFitnessPal need someone's SSN or Driver's License number? ...Isn't the point to track your food intake and weight?


What are they doing holding customers' social security and driver license numbers?


My thought is that they don't but were just clarifying since this will be national news that nothing of that sort was obtained by hackers.
Rating: 8 Votes
Avatar
17 months ago
What are they doing holding customers' social security and driver license numbers?
Rating: 6 Votes
Avatar
17 months ago

Data triangulation. I know if at least one supermarket chain that does the same for rewards cards. Links bank information and DOL data even if you give fake info because it throws it out when you use a CC/Debt card for the first time with the reward card and replaces it with this real data associated to the actual person.

Thankfully that isn't the case here. They don't even collect that information. The article was just written poorly.
Rating: 5 Votes
Avatar
17 months ago
Oh no...now the world will know that I ate cheesecake for dinner last night.
Rating: 5 Votes
Avatar
17 months ago

Uh, whoever wrote this article needs to quote from the actual MFP/UA release:

"The affected data did not include government-issued identifiers (such as Social Security numbers and driver's license numbers) because we don't collect that information from users. Payment card data was not affected because it is collected and processed separately."

FAQ #3: https://content.myfitnesspal.com/security-information/FAQ.html


Yup, pooooooor writing indeed! Look how many comments right away showed that what was written was misleading.
Rating: 4 Votes
Avatar
17 months ago

The whole site is a waste of space -- the data is crowd sourced and it's often totally inaccurate and not verified -- don't rely on to check for saturated fats and trans fat numbers!

This font could stand to do a few crunches and eat some veggies. It's a bit overweight.
Rating: 3 Votes
Avatar
17 months ago

Uh, whoever wrote this article needs to quote from the actual MFP/UA release:

"The affected data did not include government-issued identifiers (such as Social Security numbers and driver's license numbers) because we don't collect that information from users. Payment card data was not affected because it is collected and processed separately."

FAQ #3: https://content.myfitnesspal.com/security-information/FAQ.html


The author has a very poor writing style. Not just in this article, but numerous others.
Rating: 2 Votes
[ Read All Comments ]