Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Social security numbers, driver license numbers not accessed? Thanks god!
 
Why is this even news here? So someone got a hold of a list of peoples email addresses. That happens daily, usually as email address harvesting by email spammers. So what?
 
Serious question: Why the F does MyFitnessPal need someone's SSN or Driver's License number? ...Isn't the point to track your food intake and weight?

I dont remember having to provide that information when I signed up. I had the free account. The hackers have my email address (Which was already compromised by Adobe some years back) height and weight, but thats about all for me. Don't ever recall providing my address or credit card number. Maybe those who signed up and paid for Premium services were hit harder.

Just deleted my account. Never used it anyways.
 
Oh no...now the world will know that I ate cheesecake for dinner last night.
Just be sure you’re not reusing passwords across sites! A common thing now is to take these lists with email login + password and hit other sites hoping to get lucky that you reused your password at a bank or email account and then screw you over.
 
The whole site is a waste of space -- the data is crowd sourced and it's often totally inaccurate and not verified -- don't rely on to check for saturated fats and trans fat numbers!
 
  • Like
Reactions: arkitect
This is one of those apps that I downloaded on a recent New Years Day, for which I never bothered to create an account.

Sometimes #failing at New Years Resolutions = #winning.
 
why on earth would sites need such personal information like driver license and SSN? if i see one that asks for it and aren't governement website / for official business like tax stuff / applying for visa etc etc, i wont want to give it out at all.

why are people enabling these social giants to obtain these kind of informations. i hope some bravesoul would just come out and do a huge class action lawsuit against these social giants for collecting personal information because this would always end up getting hacked and they walk away scott free. even their shares on the stock market doesnt change much at all. life is unfair
 
why on earth would sites need such personal information like driver license and SSN? if i see one that asks for it and aren't governement website / for official business like tax stuff / applying for visa etc etc, i wont want to give it out at all.

why are people enabling these social giants to obtain these kind of informations. i hope some bravesoul would just come out and do a huge class action lawsuit against these social giants for collecting personal information because this would always end up getting hacked and they walk away scott free. even their shares on the stock market doesnt change much at all. life is unfair
Please read the release and other comments.

In short, they aren’t.
 
The byline is right there underneath the title.

I checked and didn't see it but then I clicked on the parma-link to the article and did. I always click on the link to articles that display the full comments; it appears that version doesn't have the byline. If I click to the version that has the "top rated comments" it does display the name. I really dislike that format though and only normally go there if it's a long article that has a "click here for the full article" link.

@MacRumors you should consider adding the byline information to the full comments version of articles as well. Currently it doesn't exist. Would also be nice to not have to use that "top rated comments" format for long articles.

In any case, thank you Chucker, I learned something today :)
 
I have changed the password on MyFitnessPal account and the email associated with it, I have various accounts for apps and websites which use the same password I used for MyFitnessPal but the accounts aren’t associated with MyFitnessPal or the email associated my MyFitnessPal account so am I safe not changing the passwords for other apps or websites I am registered to
 
why on earth would sites need such personal information like driver license and SSN? if i see one that asks for it and aren't governement website / for official business like tax stuff / applying for visa etc etc, i wont want to give it out at all.

why are people enabling these social giants to obtain these kind of informations. i hope some bravesoul would just come out and do a huge class action lawsuit against these social giants for collecting personal information because this would always end up getting hacked and they walk away scott free. even their shares on the stock market doesnt change much at all. life is unfair

For the love of God Please read other post. This isn't even a long thread. MacRumors' Juli Clover writing on this is terrible. They cut to much info about the Driver's license and SSN. It never was collected
Here's what MFP says
"
What Information Was Involved?
The affected information included usernames, email addresses, and hashed passwords - the majority with the hashing function called bcrypt used to secure passwords."

Seems a lot of reporters are adding the part about SSN and Drivers license not be taking to their stories. Without being clear about it not even being collected.
 
I have changed the password on MyFitnessPal account and the email associated with it, I have various accounts for apps and websites which use the same password I used for MyFitnessPal but the accounts aren’t associated with MyFitnessPal or the email associated my MyFitnessPal account so am I safe not changing the passwords for other apps or websites I am registered to

If the breacher now has your email, and a way to decrypt your password, they can begin attempts to log in to other apps/websites.

Change your passwords on other sites. I know... it sucks.
 
If the breacher now has your email, and a way to decrypt your password, they can begin attempts to log in to other apps/websites.

Change your passwords on other sites. I know... it sucks.
Hi, thanks for your reply. I have 2 emails, only one was used for MyFitnessPal and my other email isn’t associated with MyFitnessPal or the email I used for MyFitnessPal, the email I used for MyFitnessPal had no information on my other email address, could these hackers still get in to my other email which isn’t anything to do with the other email
[doublepost=1522601151][/doublepost]Also what are hashed passwords because MyFitnessPal stated that it was hashed passwords which were stolen
 
You are likely safe... If one email account was possibly accessible though through similar email logins, that's a potential hole. Also, your colleagues/yourself should be on the lookout for emails that allegedly are sent by yourself, containing suspicious links/attachments.

A hashed password is a secured way of storing some data typically with a hash generator, and a known key.

We know the hashed password text has been taken by the culprits, they know what hash generator was used, now they need to know the key. Once/if that is known, that's a bunch of emails and passwords now known by the culprit that can be potentially be used for scanning/testing other services accounts with the emails and similar passwords, and for now at the very least, the culprits now know of a lot of emails that were used at one point.
 
A hashed password is a secured way of storing some data typically with a hash generator, and a known key.

We know the hashed password text has been taken by the culprits, they know what hash generator was used, now they need to know the key.

If by key you mean salt, bcrypt stores the salt as part of the string, so we have that. The salt’s purpose is only to prevent rainbow tables.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.