Image

Image

“Fitbit takes our obligation to safeguard customer information very seriously. We're vigilant in identifying, blocking, and addressing malicious activity. We lock accounts we believe have been compromised, meaning we reset the password and prompt the customer to create a new one. The metrics we monitor change over time as attackers change their approach.”The company also stated it had engaged with appropriate law enforcement authorities to “provide them with the information they need to pursue those responsible for this activity.” Fitbit’s head of security Marc Brown said the company is now looking into greater security controls, and has been investing “heavily” in security after multiple attempted attacks since its launch in 2007. “We don’t have two-step verification at the moment – it is something we’re working on actively,” he said. Brown stressed that Fitbit was not the victim of “hackers” but of fraudsters instead, due to the fact that the user’s credentials were stolen from a third-party site.