Under Armour has just disclosed that 150 million MyFitnessPal accounts were affected by a security breach. The company became aware of it on March 25th, and deduced that unauthorized parties had access to the accounts since late February 2018 — but only users’ usernames, email addresses, and hashed passwords were exposed.

Government-issued identification like driver’s licenses or social security numbers weren’t included since the company doesn’t collect that information. Under Armour also stated that payment data (including credit cards) weren’t exposed because that is collected and processed separately.

Today, four days after discovering the breach, the company told MyFitnessPal users through email and app notifications, recommending ways to safeguard their account and information as well as requiring them to change passwords. Under Armour announced it had acquired MyFitnessPal in early 2015 for $475 million. We’ve reached out to Under Armour for comment and to determine whether the breach extends to data for the company’s other apps like MapMyRun.


%d bloggers like this: