A health and fitness app launched by a popular social media influencer suffered a glitch that may have shared users’ intimate workout photos and other personal account information with other users of the app.
Move With Us, which bills itself as a “movement and fitness” app for women, was founded by Rachel Dillon, a 29-year-old influencer and fitness trainer, who is also a three-time World Beauty Fitness and Fashion bikini world champion. Dillon, who boasts hundreds of thousands of followers on Instagram and TikTokcreated the app to “share the truth transformative power of fitness with the world,” as the company’s website put it. The app provides users with detailed workout and nutrition guides and encourages them to take “before and after” photos to help track their fitness goals and provide a record of their progress.
However, Move With Us had a problem with those pictures earlier this week. As originally reported by news.com.au, users of the app said they were getting randomly logged into accounts that were not their own. After being logged into a stranger’s account, those same users reported being able to view intimate account details, including full names, email addresses, physical addresses, birthdays, and, in some cases, naked or revealing “progress photos” that users kept to track their progress .
On the Move With Us Facebook page, the company and Dillon reportedly responded to “hundreds” of angry users who were concerned for the safety of their accounts. On Tuesday, Move With Us posted a statement about the data breach to the page, disavowing some of the more lofty claims made by angry users—including the bit about the exposed “progress photos.” The statement reads, in part:
We wanted to notify that early yesterday afternoon…we were alerted by our community to an error occurring on the customer profile page within our app for a small portion of users.
This error was causing the incorrect user profile image and profile page to show for users. We immediately investigated and then resolved the issue with our development partners.
…We were also able to confirm no progress photos or financial information was wrongfully accessed. We can also confirm that this was not a malicious intent by a third party to access our users information.
A lot of things remain unclear about the breach. For one thing, it’s unclear how many people were affected (the company claims the issue affected a “small” amount of users but did not specify). For another, the discrepancy between the users’ claims about seeing “progress photos” with their own eyes and the company’s claims don’t seem to have been satisfactorily resolved. Gizmodo reached out to Move with Us to inquire about the incident and try to ascertain more information. We will update this story if the company responds.
If nothing else, this would certainly appear to be a cautionary tale about keeping your most intimate personal information inside an app. Most apps have shoddy security to begin with, so be very, very careful how you send naked or revealing pictures of yourself and where you store them.