A popular fitness and nutrition app ‘MyFitnessPal’ has suffered the largest data breach of 2018 so far affecting 150 million accounts. Hackers got away with usernames, email addresses and hashed passwords.
The data breach occurred in February, but the company weren’t aware of the breach until March 25th. The Under Armour owned company released a statement setting out what they intended to do and how customers should deal with the data breach.
Under Armour have urged all users to change their passwords. This is something that should be done immediately, and users should be aware that the information taken may get used for phishing attacks, which is where the danger lies.
Also, as MyFitnessPal is often a secondary usage app users may repurpose passwords from other websites and accounts. It is vital that anybody changes these passwords as the hackers will already have the email associated to the account through this breach. This can reduce the risk of further breach into more high-risk accounts and information.
For tips on creating the strongest personal security read Aabyss’s tips on creating a strong password.
Also, in the news this week was the return of WannaCry. The worlds largest aerospace company Boeing was the victim this time round with the initial scare was that production equipment might be down. Executives soon offered assurance that the attack had been halted with minimal damage.
WannaCry caused multiple attacks last year most namely the attack on the NHS. Windows quickly released patches for all systems up to and including XP. It is common practice that big operators like Boeing run outdated software such as Windows XP. This is because hardware and programming could be negatively impacted by upgrading. If Boeing machines had been infected this means they were lacking the update provided my Microsoft nearly 10 months ago.
Luckily Boeing had a rapid response and managed to isolate the attack to a few machines. Originally there was panic that it could halt plane production or even affect plane software which could have been much more serious. Other companies might not be so lucky or have the infrastructure to deal with an attack like that, so it is vital that if using old Windows systems that these are updated.