150 Million MyFitnessPal Accounts Breached – Users Should Update Their Account Information

Under Armour’s popular health- and fitness-tracking app, MyFitnessPal, has been breached and roughly 150 million users are affected. The investigation states that an “unauthorized party” gained access to user data late last month, and the affected information includes usernames, email addresses and hashed passwords – the majority with the hashing function called bcrypt used to secure passwords. No payment details or Social Security numbers were breached. Under Armour is planning to notify MyFitnessPal users about the breach via email and in-app messaging, and they’re urging users to change their password immediately and review their accounts for any unauthorized activity. If app users receive any unsolicited messages asking for personal information, they should not share any information.

As MyFitnessPal users update their account information, they should take a minute to review their other accounts in order to stay safe and secure on and offline. They should monitor all activities on their financial and credit card accounts, lock down their login information by using two-factor authentication, review any information from their insurance companies and/or explanation of benefits, and we strongly urge everyone to sign up for an identity protection service that includes credit and identity monitoring. However, everyone should be weary that not all monitoring services will protect them equally. We encourage individuals who are evaluating identity protection services, and businesses who are evaluating such third-party services to offer, to compare the monitoring capabilities and the quality of the customer service.

Comprehensive monitoring services should include internet surveillance, compromised credential monitoring, and credit monitoring. The monitoring should also include alerts so that if a customer’s information is detected, they can quickly assess and work with resolution experts to minimize any impact.

Some recommended information to monitor includes:

  • Social Security number
  • Email addresses
  • Date of birth
  • Debit/credit cards
  • Bank account numbers
  • Insurance card/policy number
  • Drivers’ license number
  • Loyalty card numbers
  • Affinity card numbers
  • Passport number

To learn more about protecting your customers’ and employees’ data with Generali Global Assistance identity and digital protection, request a demo.