Step #1: change your password.

A massive data breach is always a concern—but the latest security flub from popular fitness software MyFitnessPal could have your personal health data out in the open.

It was only this week that the mobile health app made users aware of a security breach that occurred back in February. Today, they sent out a statement to all app users explaining what happened—and exactly what information was compromised.

According to the statement, an unauthorized third party obtained data associated with MyFitnessPal user accounts, including people’s usernames, email addresses, and hashed passwords.

MyFitnessPal’s Chief Digital Officer Paul Fipps said in a statement, “Once we became aware [of the data breach], we quickly took steps to determine the nature and scope of the issue. We are working with leading data security firms to assist in our investigation. We have also notified and are coordinating with law enforcement authorities.”

If you’re a MyFitnessPal user, there are several things you can do to protect your information. First, change your account passwords (email, MyFitnessPal, etc.) immediately. Next, continue to monitor your accounts for any suspicious activity, and be aware of fishy links and unsolicited emails—they could be hackers trying to get your information.