![]() ![]() ![]() The MyFitnessPal credentials were encrypted, but hashing doesn’t guarantee that the passwords are protected from attackers. ![]() Encryption may not completely protect passwords If threat actors have the username and password that a person uses to log-in to a MyFitnessPal account, they know there’s a chance that those credentials could provide them access to more valuable accounts, like a Gmail or bank account, for example. With data breaches occurring regularly, there’s a possibility that, eventually, a person’s credentials will end up in either the public domain or on the Dark Web. Attackers, criminals and other nefarious types know that password reuse is common, despite security analysts warning about the dangers of this practice. While forcing all MyFitnessPal users to change their passwords protects their workout data and food diaries from threat actors, the exposed credentials could prove problematic for people who like to use the same password to log-in to multiple sites. A MyFitnessPal spokesperson told Fortune that users were required to change their passwords after the breach was disclosed in March 2018, making any pilfered passwords useless on the site. The sale price: around $20,000 in bitcoin. In addition to MyFitnessPal, which is owned by athletic apparel manufacturer UnderArmour, credentials from 15 other hacked websites are also for sale, The Register reported. Almost a year after the diet and exercise website disclosed that it was breached, threat actors are selling the stolen credentials, which may include the usernames, passwords and email addresses of up to 150 million people, on the Dark Web. If you’re still using your old MyFitnessPal password to access other websites, now is the time to change and retire it. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |