Hackers could hijack user accounts in dozens of fitness and gym mobile applications, even where the two-factor authentication (2FA) mechanism was active. […]

from https://www.bleepingcomputer.com/news/security/gym-app-management-platform-exposed-info-of-thousands-of-users/