ShellCodeX Breach Report
Jefit Data Breach
jefit.com
Verified breach
Passwords exposed
Accounts exposed
9,052,457
Breach date
11 Aug 2020
Added to tracker
27 Apr 2021
Data classes
4
What happened
In August 2020, the workout tracking app Jefit suffered a data breach. The data was subsequently sold within the hacking community and included over 9 million email and IP addresses, usernames and passwords stored as either vBulletin or argon2 hashes. Several million cracked passwords later appeared in broad circulation.
Exposed data
Email addresses
IP addresses
Passwords
Usernames
Recommended actions
- Change your Jefit password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Jefit โ attackers weaponise breach data quickly.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP