Move With Us is an online fitness platform founded by Instagram star and three-time World Beauty Fitness and Fashion bikini world champion Rachel Dillon.

Formerly known as Bodies By Rachel, the service provides multi-week fitness programs, nutrition guides and encourages users to take before-and-after photos to show off their progress.

But the app was hit with a major data glitch on Tuesday afternoon that potentially revealed users’ personal information and pictures to others.

Users were logging into other people’s profiles when they opened the app, giving them access to their personal information, including pictures (often either naked or in underwear), emails, full names, date of birth and address.

Each time a user logged out and tried to log back in, they were in another person’s profile.

There were instances of users logging into as many as 10 different profiles as the problem persisted for more than two hours.

Move With Us issued users with an explanation on Wednesday, saying the breach impacted “a very small number of users”.

“This error was causing the incorrect user profile image and profile page to show for users,” the statement read.

“We are also able to confirm no progress photos or financial information was wrongfully accessed. We can also confirm that this was not a malicious intent by a third party to access our users’ information.”

A Move With Us user, who wished to remain anonymous, was unsure if their personal data had been exposed.

“I have no idea if my data was shown to other people,” they told NCA NewsWire.

“From others’ accounts, information visible was email address, birth date, full name, and some accounts of seeing progress photos.

“I wasn’t logged into anyone else’s account myself.”

Ms Dillon and Move With Us’ support team responded to hundreds of angry and concerned customers on the app’s Facebook group page, which has more than 90,000 members.

Move With Us told users it would investigate the issue and reach out to people who had been affected.

It warned that this process would take time but asserted that no one’s photos were accessed.

“We sincerely apologise for the issue and can confirm this has now been fixed,” it said.

“Our app provider has also advised that progress photos were not visible by others.”

NCA NewsWire has heard and read conflicting reports from users who alleged their photos were visible.

“Photos were definitely visible,” one user said.

“Pictures were definitely visible, take some ownership please,” another replied.

The Move With Us anonymous user, who had been using the app “on and off” for about 18 months and described it as a “good service”, said the breach should have “never been allowed to happen”.

“To be honest, this is a huge breach of privacy. The app encourages you to upload photos of yourself as you go through the programs. You get prompts to do it and it’s meant to encourage you,” they said.

“But it’s very personal. A lot of people are incredibly sensitive about their bodies and for personal information like emails, names and birthdays to be available is bad enough – but to think a photo of you at a vulnerable time in your underwear is so easily accessible to strangers is enough to turn me away from the brand altogether.”

Ms Dillon, who boasts more than 1.4 million followers on Instagram, said she started the business to help other women on their fitness journeys.

“Sharing my training and nutrition programs with like-minded women on their own journey to progression is what brings me true happiness,” she said on Move With Us’s website.

“No matter your fitness level, my team of accredited dietitians and expert trainers are here to support and guide you.

“My fitness journey has transformed all aspects of my life, and I would love the opportunity to see what you can achieve on your own journey.”

Ms Dillon made waves in the fitness world earlier this year when it was announced she was dating Kayla Itsines’ ex-fiance Tobi Pearce.

Move With Us has been contacted for comment.

Originally published as Rachel Dillon’s fitness app exposes users after major data breach