Sportswear merchant Under Armour has become the latest victim of a massive data breach involving account information of tens of millions of users.
Under Armour informed MyFitnessPal users on March 29, 2018, that 150 million accounts were affected by a data breach that took place in February 2018. MyFitnessPal is an app designed for tracking diet and exercise.
WATCH: Facebook does data breach damage control
The company said in a statement that the affected data did not include government-issued identifiers, such as Social Security Numbers and drivers licenses, and only included usernames, email addresses and hashed passwords (hashing is a one-way mathematical function that converts an original string of data into a seemingly random string of data).
The statement also said payment data was not affected, as Under Armour collects and processes that data separately. That means this break-in is unlikely to require credit and debit cards to be replaced or raise the spectre of identity theft, as happened with big breaches affecting retailer Target and credit reporting agency Equifax, which resulted in the departures of their CEOs.
The Baltimore-based company became aware of the breach on March 25, 2018, and notified users of the incident four days later via an email alert. The company is currently unaware of the party behind the breach, though has launched an investigation into the matter.
Under Armour is urging users to change their passwords immediately, which they can do by navigating to the “My Home” tab on the MyFitnessPal app or website, selecting “Settings” and then selecting “Change Password.”
Under Armour acquired MyFitnessPal in 2015 for US$475 million, when the platform had approximately 80 million users. Since then, the app’s user base has nearly doubled in size.
With files from the Associated Press.