An Important Update About Your MyFitnessPal Account

by MyFitnessPal
Share it:

Dear MyFitnessPal Users,

You might have heard about a widespread internet security vulnerability called Heartbleed, and you may be wondering whether it impacts MyFitnessPal. Heartbleed is a bug that security researchers recently discovered in a core encryption library that secures most internet sites.

This issue is projected to be impacting as many as two-thirds of sites across the web. Fortunately, we have no evidence that any of our users’ data has been breached. Nevertheless, as soon as this disclosure was made public, we immediately upgraded all of our systems to mitigate any potential issues.

(Update 4/11/2014: To be specific, we patched the vulnerability and updated our SSL certificate with new private [and corresponding public] keys. We have since also requested and deployed an entirely new SSL certificate and revoked our old certificate, to eliminate any confusion.)

Due to the potential severity of this bug we would like to suggest that you take two simple steps:

1. Change your MyFitnessPal password. Here’s how.

2. Disconnect and immediately reconnect your connected accounts (like Fitbit or Runtastic). This will refresh your authentication tokens and increase your security.

At MyFitnessPal, the security and privacy of your data is important to us. Again we have no reason to believe that any data was actually compromised. We will continue to monitor this threat and will keep you informed going forward.

Thank you,
Vijay Raghunathan
Vice President of Engineering, MyFitnessPal

About the Author


MyFitnessPal provides powerful tools that make it easier for anyone to live a healthier life by tracking their meals and physical activity. Make healthy choices and visit the MyFitnessPal blog and download MyFitnessPal (if you haven’t already).


Never Miss a Post!

Turn on MyFitnessPal desktop notifications and stay up to date on the latest health and fitness advice.


Click the 'Allow' Button Above


You're all set.