ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

8fit Data Breach

8fit.com
Major exposure
Verified breach Passwords exposed
Accounts exposed 15,025,407
Breach date 01 Jul 2018
Added to tracker 21 Mar 2019
Data classes 6

What happened

In July 2018, the health and fitness service 8fit suffered a data breach. The data subsequently appeared for sale on a dark web marketplace in February 2019 and included over 15M unique email addresses alongside names, genders, IP addresses and passwords stored as bcrypt hashes. The data was provided to HIBP by dehashed.com.

Exposed data

Email addresses Genders Geographic locations IP addresses Names Passwords

Recommended actions

  • Change your 8fit password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing 8fit — attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP