Under Armour has revealed a security breach that affects approximately 150 million MyFitnessPal users. Though the disclosure took place today, the breach itself happened in late February, according to the company. It became aware of the unauthorized data access on March 25 and has since tapped “leading data security firms” to help investigate the matter.
The investigation has not been completed at this time, however, Under Armour believes that about 150 million MyFitnessPal user accounts were impacted. The hacker(s) acquired data associated with these accounts during their unauthorized access, including email addresses, usernames, and hashed passwords.
The hacker wasn’t able to grab any government-issued ID info, says the company, which isn’t surprising considering that it doesn’t collect that info. Because payment card info is separately collected and processed, the hacker wasn’t able to access it.
Affected users have started receiving emails as of today notifying them that their account and information was compromised. As a precaution, MyFitnessPal users will be required to update their account passwords, which the company recommends they do asap. Law enforcement has been notified about the breach and an investigation is ongoing.
SOURCE: Under Armour