Under Armour Data Breach Exposes 150 Million MyFitnessPal Accounts

Under Armour has notified users that the MyFitnessPal app team became aware that an unauthorized third party had acquired data associated with user accounts for the app and website.

The MyFitnessPal service from Under Armour has suffered a data breach that affects about 150 million users. The firm's now working with data security firms and law enforcement authorities to assist in the investigation. The initial reports suggest that stolen data may include user names, email addresses, and hashed (not plain-text) passwords. The first place in this not-so-prestigious ranking is taken by the infamous Yahoo account data breach from 2013 when the data of over 3 billion accounts was compromised. However, its likely they may not be considered strong enough in ensuring tech businesses take full responsibility of their part in securing the private data of all their users.

The investigation indicates affected information may include usernames, email addresses and hashed passwords.

The data has helped Under Armour morph from an apparel maker into an athletic performance company, rivaling Nike for the same target demographic. "We have also notified and are coordinating with law enforcement authorities".

The service has since more than doubled in size thanks in part to the company's largely agnostic approach to apps and fitness trackers, almost all of which can be plugged into MyFitnessPal for tracking calories and exercise-related activity. If you do get any emails, you should also be careful of malicious links or attachments.

Late last night, users of health app MyFitnessPal received a notification from the company that their account information may have been compromised. Four days later, Under Armour contacted MyFitnessPal users through email and the app's messaging system.

According to Reuters, Under Armour bought MyFitnessPal in 2015 for $475 million.

  • Rosalie Stanley