Have You Heard of Europe’s New General Data Protection Regulation Law?

GDPR and Cyber Security

Have You Heard of Europe’s New General Data Protection Regulation Law?

Europe’s General Data Protection Regulation, or GDPR, went into effect on Friday, May 25. These new laws were written in favor of European citizens by giving them more control over the data that is collected by online services. Although this is being practiced in Europe and not the U.S.A., these new rules will have widespread ramifications as U.S-based companies that handle the data of E.U. citizens have to comply as well.

GDPR requires companies to be transparent when seeking consent from consumers before collecting their personal information. According to the Information Commissioner’s Office, Companies must also give consumers “easy access to their own data”, and to delete that data if the customer wishes to. This is a win for consumers in Europe– hopefully, it catches on in the U.S. sooner than later as data breaches are no joke here.

On April 9, 2018, I received an email from MyFitnessPal with a subject line that read: NOTICE OF DATA BREACH.

MyFitnessPal is a smartphone app and website that tracks diet and exercise.

On March 25, 2018, we became aware that during February of this year an unauthorized party acquired data associated with MyFitnessPal user accounts.

The stolen data included usernames, email addresses, and hashed passwords. How am I just now finding out about a breach which directly affected my personal information- two months after it happened?! What’s more alarming is that I had totally forgotten I even had an active account with MyFitnessPal. Also, I wasn’t aware they had my information stored in their system all these years. This sure is a scary reminder of the lack of privacy and awareness consumers in the US have when it comes to their data that’s online.

Once we became aware, we quickly took steps to determine the nature and scope of the issue.

Yet, it took MyFitnessPal over two weeks to notify me about this breach!

The good news is: GDPR is making efforts to change this. Under the new law, companies have 72 hours to report to their users and the public once a data breach is brought to light - but that still doesn’t solve the issue. However, it sure seems like GDPR regulations are creating a shift in power from corporate giants to individual consumers.

If you were affected by this breach, or any others, here are a few things to do:

  • Change your password for any accounts that have fallen victim to data infringement
  • Review your accounts for suspicious activity
  • Be cautious of any unsolicited communications that ask for your personal data or refer you to a web page asking for personal data
  • Avoid clicking on the links or downloading attachments from suspicious emails

It’s always a good idea to double check on your personal information for any unusual activity.

Also find out more about the people in your life with the cutting the cutting edge people search engine, Spyfly.


SpyFly was founded with the mission of making it safe and easy for people to find and learn the truth about each other online. By providing our members fast, easy and affordable access to public records, members can quickly make informed decisions about individuals they interact with. SpyFly provides searches for active warrants, driving records, arrest records, sexual predators and offenders, and several other public record information searches all in one place to keep you, your family, co-workers, and loved ones safe.