Early in 2018, Under Armour announced its subsidiary, MyFitnessPal, was involved in a widespread data breach which impacted 150 million customer accounts. The news came on the back on the recent Equifax data breach that put millions of individuals at risk of having their information used without their knowledge, including sensitive information like social security numbers, home addresses, and dates of birth. While the MyFitnessPal data breach did not contain such significant information on users, e-mail addresses, some passwords, and usernames were all compromised. In an era where data breaches are taking place at an alarming rate, it is essential for consumers to be aware of strategies to protect their personal information.
Understand the Data Compromise
The MyFitnessPal data breach was fortunately less severe than the newsworthy Equifax breach in that the information compromised did not include personal details that could be used to establish new credit accounts. During the breach, bad actors acquired e-mail addresses and corresponding usernames and passwords, not credit card details or other financial data. However, some of the passwords acquired through the data breach fell into a low-level security category, meaning they can be decrypted with a few simple steps. And a compromised e-mail address often results in phishing scams and increased spam over time.
MyFitnessPal recognizes that while the information stolen was not all that sensitive, it still poses a problem for the 150 customers impacted. For those who use similar passwords across all accounts, including social media, e-mail, and financial institution log-ins, having these details in the hands of a criminal could mean trouble for users. The company urged account users to change their passwords immediately, whether they were active on the mobile application or not. While this is one way to protect personal information from getting into the wrong hands, you can take additional steps to ensure your details stay safe in future data breaches.
Steps to Safeguard Information
With any data breach, understanding the level of sensitivity of the compromised information is key to determining the next steps in protecting your details. First and foremost, a swift change of passwords, not only for the affected account but all other online or mobile accounts as well is necessary. If you’re concerned about remembering your passwords for countless sites or applications, utilize a password manager to keep things organized. It is also beneficial to create a timeline for changing passwords, such as once every month or quarter.
Once passwords are changed, you still have some work to do to protect your data. Get in touch with your financial institutions, from banks and credit unions to credit card issuers and mortgage servicers, and explain you may be at a heightened risk of fraud. The financial institution may ask a series of identifying questions to ensure they are speaking to the real you, but from there, they will provide direction on what to do to keep nefarious activity from taking place on your account. This may mean a new bank or credit card, or added security features like a PIN or password added to your account. While changes like these to your financial accounts are frustrating, they are crucial to keeping your money safe.
After securing your financial situation, you have one additional step to take in order to safeguard your information. Contact the three credit reporting agencies – Equifax, TransUnion, and Experian – to place a security freeze or a fraud alert on your account. Each credit bureau has a process for enabling and disabling fraud alerts and security freezes on your accounts, but the important thing to note is what each provides in terms of safety. Identity theft and unauthorized account openings are far less likely when security measures like these are put in place. Not sure which one to utilize after a data breach? The differences between these security measures are spelled out here.
With more companies experiencing data breaches of customer information, it is essential for you as a consumer to know what’s at risk and how to keep your information protected. Start by knowing which details were compromised, and then promptly change passwords to dissuade bad actors. Follow up with direct contact with financial institutions and credit bureaus to ensure added security and peace of mind. These simple steps may seem daunting in the beginning, but they are the best actions you can take to keep your data safe.
