MyFitnessPal Data Breach

Threat Level: Medium
Threat Type: External Account Breach
Advisory Date: 07/13/2023

Description

In February 2018, the diet and exercise service website MyFitnessPal  www.myfitnesspal.com suffered a data breach impacting over 140 million unique email addresses, IP addresses and passwords.

Data breaches involving password leak often times leads to an unauthorized party accessing user's account and obtaining more information to carry out further malicious intent like utilizing these passwords across multiple websites.

We have recently seen an increased number in compromised accounts from our users and have confirmed that these accounts are associated with this data breach.

Impact

A high number of University of Regina user accounts have been found in this data breach.

Users who have created account on this website before this data breach might be affected by this breach.

Resolution

Therefore, we are requesting users that have created an account on this website and have not reset their password since February 2018 when this breach occured to reset their password.

Also, if you have used this password on any other services, either internal or external, please update the password of those associated accounts.

When choosing a new password, remember these guidelines:

  • Use a totally unique password for each website, login or service
  • Good passwords are long, contain a mix of letters, numbers and symbols
  • Use a password manager to keep track of all of your credentials

Resources

Use the self-service password reset form: https://novapp.cc.uregina.ca/perl/chpass.pl

Password guidelines: https://www.uregina.ca/is/staff/security/resources/resource-password.html#password-guidelines

More information:https://www.veridiumid.com/blog/myfitnesspal-password-breach-dark-web

Need assistance? Contact the IT Support Centre:

In person at ED 137 or Archer Library Main Floor Commons