Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MyFitnessPal Data Breach Impacts 150 Million User Accounts

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
63,481
30,715



MyFitnessPal parent company Under Armour today announced that MyFitnessPal has been the victim of a hacking incident, which has seen personal details of approximately 150 million user accounts accessed in a data breach.

MyFitnessPal is a popular health and fitness iOS app and website that's used by many iPhone and iPad owners, and it is consistently among the top Health and Fitness apps in the App Store.

myfitnesspal.jpg

The breach, which happened in late February, included usernames, emails, and encrypted passwords. Credit card numbers from paying customers were not accessed.

Under Armor has already been sending emails and in-app messages to its customers who were affected by the breach. The company says it is working with "leading data security firms" to assist in its investigation.

MyFitnessPal users will be required to change their passwords.

Article Link: MyFitnessPal Data Breach Impacts 150 Million User Accounts
 
Article Link
https://www.macrumors.com/2018/03/29/myfitnesspal-data-breach/
ck2875

ck2875

macrumors 65816
Mar 25, 2009
1,029
2,923
Brighton
MacRumors said:
The breach, which happened in late February, included usernames, emails, and encrypted passwords. Social security numbers, driver license numbers, and credit/debit card information were not accessed.
Click to expand...

Serious question: Why the F does MyFitnessPal need someone's SSN or Driver's License number? ...Isn't the point to track your food intake and weight?
 
  • Like
Reactions: thewap, rhett7660, arkitect and 16 others
E

Elektrofone

macrumors 65816
Jul 5, 2010
1,033
482
That's not good news. I don't really have any important info on there but doesn't make me feel good about using the service. Anyone have alternatives?
 
thisisnotmyname

thisisnotmyname

macrumors 68020
Oct 22, 2014
2,438
5,251
known but velocity indeterminate
ck2875 said:
Serious question: Why the F does MyFitnessPal need someone's SSN or Driver's License number? ...Isn't the point to track your food intake and weight?
Click to expand...

Hustler1337 said:
What are they doing holding customers' social security and driver license numbers?
Click to expand...

My thought is that they don't but were just clarifying since this will be national news that nothing of that sort was obtained by hackers.
 
  • Like
Reactions: rafark, atmenterprises, arkitect and 5 others
manilaraf

manilaraf

macrumors newbie
Mar 29, 2018
2
34
Rye Lake, NY
MacRumors said:
Social security numbers, driver license numbers, and credit/debit card information were not accessed.

Article Link: MyFitnessPal Data Breach Impacts 150 Million User Accounts
Click to expand...

Uh, whoever wrote this article needs to quote from the actual MFP/UA release:

"The affected data did not include government-issued identifiers (such as Social Security numbers and driver's license numbers) because we don't collect that information from users. Payment card data was not affected because it is collected and processed separately."

FAQ #3: https://content.myfitnesspal.com/security-information/FAQ.html
 
  • Like
Reactions: flyc14, J.Dillinger, Rojaaemon and 23 others
ck2875

ck2875

macrumors 65816
Mar 25, 2009
1,029
2,923
Brighton
stringerhye said:
That's not good news. I don't really have any important info on there but doesn't make me feel good about using the service. Anyone have alternatives?
Click to expand...

LoseIt.

Way better food database and UI without the social crap MFP tries to cram down your throat. It is also cheaper than MFP for the premium... I think it's like $40/year versus $50/year for MFP. They tend to have offers for discounted premium at $30/year on Black Friday, so I had previously locked in at that rate (though recently I got a special offer for a lifetime subscription to LoseIt for $100 so jumped on that since I had been paying for premium for about 5 years already).
 
A

AppleMad98004

macrumors 6502a
Aug 23, 2011
617
846
Cylde Hill, WA
Hustler1337 said:
What are they doing holding customers' social security and driver license numbers?
Click to expand...

Data triangulation. I know if at least one supermarket chain that does the same for rewards cards. Links bank information and DOL data even if you give fake info because it throws it out when you use a CC/Debt card for the first time with the reward card and replaces it with this real data associated to the actual person.
 
  • Like
Reactions: Marekul
C

coolfactor

macrumors 604
Jul 29, 2002
7,040
9,695
Vancouver, BC
manilaraf said:
Uh, whoever wrote this article needs to quote from the actual MFP/UA release:

"The affected data did not include government-issued identifiers (such as Social Security numbers and driver's license numbers) because we don't collect that information from users. Payment card data was not affected because it is collected and processed separately."

FAQ #3: https://content.myfitnesspal.com/security-information/FAQ.html
Click to expand...

Yup, pooooooor writing indeed! Look how many comments right away showed that what was written was misleading.
 
  • Like
Reactions: arkitect, Jovian9, manilaraf and 1 other person
M

Mobster1983

macrumors 6502a
Sep 8, 2011
653
476
Curious if this affected this one app, or UA's other fitness related apps like Map My Run. No info in the article but I imagine these are part of the same system.
 
OldSchoolMacGuy

OldSchoolMacGuy

Suspended
Jul 10, 2008
4,197
9,050
ck2875 said:
Serious question: Why the F does MyFitnessPal need someone's SSN or Driver's License number? ...Isn't the point to track your food intake and weight?
Click to expand...

The article is poorly written. Those are just some examples of the type of secure personal information that wasn't leaked. What they're trying to say is that credit card information of paying users wasn't leaked.
[doublepost=1522361471][/doublepost]
Mobster1983 said:
Curious if this affected this one app, or UA's other fitness related apps like Map My Run. No info in the article but I imagine these are part of the same system.
Click to expand...

It's all part of the same database. I just went and changed my MapMyRide password. Also disconnected Facebook from it.
 
  • Like
Reactions: arkitect and Jovian9
NoBoMac

NoBoMac

Moderator
Staff member
Jul 1, 2014
5,754
4,338
Mobster1983 said:
Curious if this affected this one app, or UA's other fitness related apps like Map My Run. No info in the article but I imagine these are part of the same system.
Click to expand...

To be safe, I changed the password on both MFP and MapMyWalk (not that it mattered in that no CC on file, using a "burner" email address, and both accounts had different and random passwords).

Might be same systems, but at a high level, does not appear to be tightly tied in that I had to create a different account for MMW and then provide those credentials in MFP app to get sync to work from MMW to MFP.

ck2875 said:
LoseIt.

Way better food database and UI without the social crap MFP tries to cram down your throat.
Click to expand...

Thanks for that. Giving it a whirl. Don't need the premium features. Database, so far, seems to be comparable to what MFP has. UI, to me, seems to be a bit more cluttered, but might get used to it.
 
69Mustang

69Mustang

macrumors 604
Jan 7, 2014
7,895
15,043
In between a rock and a hard place
AppleMad98004 said:
Data triangulation. I know if at least one supermarket chain that does the same for rewards cards. Links bank information and DOL data even if you give fake info because it throws it out when you use a CC/Debt card for the first time with the reward card and replaces it with this real data associated to the actual person.
Click to expand...
Thankfully that isn't the case here. They don't even collect that information. The article was just written poorly.
 
  • Like
Reactions: manilaraf, arkitect, thisisnotmyname and 2 others
kildraik

kildraik

macrumors 6502a
May 7, 2006
931
1,319
That sucks.

My fitness pal is my body, and that seems to be working just fine by telling me what I need to know.
 
  • Like
Reactions: dmylrea
Jovian9

Jovian9

macrumors 68000
Feb 19, 2003
1,967
110
Planet Zebes
manilaraf said:
Uh, whoever wrote this article needs to quote from the actual MFP/UA release:

"The affected data did not include government-issued identifiers (such as Social Security numbers and driver's license numbers) because we don't collect that information from users. Payment card data was not affected because it is collected and processed separately."

FAQ #3: https://content.myfitnesspal.com/security-information/FAQ.html
Click to expand...


Terribly written article from MR. Misleading to get clicks.
 
roar08

roar08

macrumors 6502a
Apr 25, 2008
647
1,742
manilaraf said:
Uh, whoever wrote this article needs to quote from the actual MFP/UA release:

"The affected data did not include government-issued identifiers (such as Social Security numbers and driver's license numbers) because we don't collect that information from users. Payment card data was not affected because it is collected and processed separately."

FAQ #3: https://content.myfitnesspal.com/security-information/FAQ.html
Click to expand...

The author has a very poor writing style. Not just in this article, but numerous others.
 
  • Like
Reactions: Jovian9 and arkitect
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom