Fitness platform suffers major breach, revealing user data and sensitive photos

Move With Us – a fitness platform that offers women's health and fitness programs – suffered a data breach, possibly exposing sensitive information and revealing progress photos of users.

An error occurring on the customer profile page allowed users to log in to other peoples’ profiles, giving them access to emails, addresses, phone numbers, names, and revealing user photos in underwear and without any. Upon logging in and back out, users found themselves within new profiles.

Move With Us said in a statement that the error affected only “a very small portion of users,” although it is unclear how many people they’re referring to exactly.

Despite the breach, no financial information was revealed according to the platform since it doesn’t store payment details. The statement also said that no progress photos were accessed, although a variety of reports suggest that pictures were indeed visible.

“We can also confirm that this was not a malicious intent by a third party to access our users’ information,” Move With Us confirmed.

It was revealed that some users managed to bounce between as many as 10 different profiles. Concerned users took it to social media to demand more information, with Move With Us promising to notify all those affected shortly.

The platform was founded by Instagram influencer Rachel Dillon, who has over 1.4 million followers.

More from Cybernews:

Flirt with Iranian hackers cost defense minister’s cleaner his freedom

Wanted: YouTube influencer accused of swindling $55m out of fans

Holiday Inn owner admits to being breached

Ransomware groups are after education facilities, CISA warns

Ukraine’s raid of Russian bot farms continues

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked