Monday, January 13, 2025
HomeSecurity News150 Million user Accounts Affected with MyFitnessPal Data Breach

150 Million user Accounts Affected with MyFitnessPal Data Breach

Published on

MyFitnessPal data breach affected more than 150 million user accounts. Attackers stole the usernames, email addresses, and hashed passwords.

The breach most likely happened in February this year and the company identified the unauthorized data access from their servers on March 25, 2018.

MyFitnessPal confirms payment cards were not affected by the breach as it is collected and processed separately. No government-issued identifiers such as Social Security numbers and driver’s license numbers were not affected because we don’t collect that information from users MyFitnessPal statement reads.

The identity of the unauthorized access not yet identified and they working with data security firms to investigate the unauthorized access.

Majority of their password encrypted with bcrypt and few of them with SHA-1, a 160-bit hashing function.

After understanding the scope of the attack they sent out notification email’s to the customers “to change their passwords immediately” and to provide details on how they protect their private data.

“We continue to monitor for suspicious activity and to coordinate with law enforcement authorities.We continue to make enhancements to our systems to detect and prevent unauthorized access to user information” MyFitnessPal statement reads.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Critical macOS Vulnerability Lets Hackers to Bypass Apple’s System Integrity Protection

Microsoft Threat Intelligence has uncovered a critical macOS vulnerability that allowed attackers to bypass...

CISA Released A Free Guide to Enhance OT Product Security

To address rising cyber threats targeting critical infrastructure, the U.S. Cybersecurity and Infrastructure Security...

Microsoft Warns of MFA Issue Affecting Microsoft 365 users

Microsoft has issued a warning regarding an ongoing issue with Multi-Factor Authentication (MFA) that...

RedCurl APT Deploys Malware via Windows Scheduled Tasks Exploitation

Researchers identified RedCurl APT group activity in Canada in late 2024, where the attackers...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

LegionLoader Abusing Chrome Extensions To Deliver Infostealer Malware

LegionLoader, a C/C++ downloader malware, first seen in 2019, delivers payloads like malicious Chrome...

North Korean Hackers Stolen $2.2 Billion From Crypto Platforms In 2024

Cryptocurrency hacking incidents in 2024 surged 21.07% YoY to $2.2 billion, with 303 breaches...

Deloitte Denies Breach, Claims Only Single System Affected

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish...