MyFitnessPal is not telling the whole truth about recent data “corruption” incident

By | March 27, 2024

Today I received this email from MyFitnessPal:

Dear MyFitnessPal Customer,

In our efforts to consistently keep our foods current and accurate, we perform regular updates to our food database. During a review last week, we experienced an issue that may have caused some food entries you logged between Tuesday, March 19th and Thursday, March 21st to be incorrect.

First, we’d like to apologize for any inconvenience this issue may have caused. We’d also like to give you a free copy of our new Meal Prep guide. To receive your guide please click on the following link: Meal Prep 101.

We have resolved the issue, but unfortunately, any impacted entries previously logged in your Diary will need to be fixed manually. If you notice a food item that looks like it may have an incorrect name or incorrect nutrition information and wish to update it please follow the steps below:

Select Log Food/Diary
Find the inaccurate food item and delete it

  • On iOS – you can swipe left to delete
  • On Android – long hold on item to delete
  • To Mass delete – you can tap the Edit/Pencil >> Select inaccurate items >> tap delete/trash can
  • If the item was added via barcode scan try scanning the barcode again

Once deleted, perform another food search to find item again You can check foods logged between Tuesday, March 19th and Thursday, March 21st by going to your food diary and clicking at the top to select the specific day you want to review.

If you have any questions or if there is anything we can help you with, please visit our help section and submit a request and we will follow up with you as quickly as possible.

Sincerely,
The MyFitnessPal Team

Notice what they’re not telling us:

  • How did this happen?
  • What are they doing to prevent it from happening again?
  • Is the problem that valid food log entries were corrupted, or that extra, spurious food log entries were somehow introduced?
  • If the problem is that valid food log entries were corrupted, then how the heck are we supposed to remember what we ate, and how much, 6-8 days ago, so that we can correct it?

I took a look at the food data in the app March 19-21, and one particular entry on March 20 stands out:

A screenshot of the MyFitnessPal Android app, showing the dinner section of a food diary for Wednesday, March 20. One of the food items listed is "Enjoy Cock Cayenne Pepper Hot Sauce / Hot Sauce Fanatics, 0.1 bar". The words "Enjoy Cock" have been circled in the screenshot to emphasize them.

It probably goes without saying, but I can assure you that I did not log a food called “Enjoy Cock Cayenne Pepper Hot Sauce” to MyFitnessPal on March 20.

[UPDATE: I turns out “Enjoy Cock Hot Sauce” is actually a real thing, not a made-up name intended to be offensive. I suppose I should have known there’s nothing too ridiculous for someone to be selling it. Nevertheless, I definitely did not add this to my food diary on March 20, and MyFitnessPal still isn’t being completely honest with us about what happened.]

As an information security professional, I smell a rat. The people who maintain MyFitnessPal need to come clean about how this happened. Was their database corrupted as the result of a security breach? Did one of the employees make intentional, malicious changes to their database? Did they accidentally do something in production that they meant to do in a non-production environment. We deserve the truth.

The first paragraph of the email quoted above is clearly lying by omission. MyFitnessPal needs to come clean.

I’ve had a number of problems with MyFitnessPal recently. I would rather use a different app, but unfortunately this is the one that integrates with Garmin Connect. In addition to reaching out to MyFitnessPal about this incident, I’ll also be reaching out to Garmin and asking them to start supporting other food diary apps, because I don’t have to keep using MyFitnessPal if this is how they are going to treat their customers and safeguard their data.

Share

2 thoughts on “MyFitnessPal is not telling the whole truth about recent data “corruption” incident

  1. Anonymous

    Any chance that “Enjoy Cock Cayenne Pepper Hot Sauce” is a really bad translation of “Sriracha” (a.k.a. Rooster Sauce)?

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *