Notification of Data Incident
Life Fitness considers the protection of personal information very important, and we take our users privacy seriously. This notification is intended to inform users of an incident that involves account information for certain users of the LFconnect fitness app. As of May 4, we have received no reports or evidence of suspicious activity that indicate that user information was accessed by an unauthorized party with the intention of doing harm.
On April 24, 2018, Life Fitness became aware that certain internal data from certain users was publicly accessible on the world wide web. Upon learning of this issue, Life Fitness promptly took steps to ensure that Life Fitness’ internal data systems were no longer publicly accessible.
Is this incident related the MyFitnessPal data breach?
No. The MyFitnessPal data breach that was announced by Under Armour on March 29, 2018, is not related to this incident. That incident impacted users that had their LFconnect app connected to their MyFitnessPal app.
What Information Was Accessible?
Information that had the potential to be accessed may have included name, email address, date of birth, age, account username, height, weight and Facebook UserID. Accessible information was dependent on which information impacted users input into their LFconnect fitness app.
What Are We Doing?
Once Life Fitness became aware of the issue, we took measures to ensure that the identified information was no longer accessible. Protecting user information is very important to us. We are investigating how information was made accessible in the first instance, and continue to enhance our data security processes to prohibit the accessibility of information in the future.
What Can Impacted Users Do?
Remain diligent in the monitoring of accounts for suspicious activity, and be cautious of unfamiliar or suspicious emails that require users to click or download attachments. Should you have any questions, please contact the privacy office at firstname.lastname@example.org