Reports indicate that roughly 6 million users of Canadian-based fitness app, PumpUp, have been exposed to a cyber attack. According to ZDNet, the cyber security firm that found the exposure, unencrypted payment cards, usernames, passwords, emails, health data (height and weight), locations, and private conversations within the app were hacked via an unsecured backend server hosted on Amazon’s cloud infrastructure.
ZDNet stated that they tried for a week to contact PumpUp about the exposure but was unable to get in contact with the company. Additionally, PumpUp’s server had been leaking consumer data for an unknown length of time and appears to have since been pulled offline.
Since the attack, we assume PumpUp is working closely with data security firms to assist in its investigation. Additionally, they are probably working with PR consultants, data breach attorneys, and credit monitoring services, all billing at an hourly rate. Had PumpUp been protected with a cyber insurance policy, it’s likely that they would be covered for these expenses.
Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!
If you’d like to read more about this data breach, click here.