Under Armour says MyFitnessPal breach impacted 150M users

Under Armour says MyFitnessPal breach impacted 150M users
© Getty Images

Under Armour said Thursday that hackers breached its food and nutrition app and website, MyFitnessPal, and accessed information on as many as 150 million users.

The company said it discovered Sunday that an unauthorized party had gained access to data associated with MyFitnessPal accounts at the end of February. The company has opened an investigation into the incident, soliciting the help of private cybersecurity firms as well as law enforcement.

ADVERTISEMENT

Hackers gained access to usernames, email addresses, and hashed passwords—many of which are secured with a password hashing function known as bcrypt.

The company noted that the stolen information does not include Social Security numbers or driver’s license numbers, which are not collected by the app. Payment card information, which is collected separately, was also not compromised, the company said.

“We do not know the identity of the unauthorized party. Our investigation into this matter is ongoing,” the company said in a blog post. “We take our obligation to safeguard your personal data very seriously and are alerting you about this issue so you can take steps to help protect your information." 

Under Armour said it has started notifying MyFitnessPal users of the breach and will require users to change their passwords in order to secure their accounts.