MyFitnessPal Security Breach Affects 150 Million Users, Under Armour Reports
Hackers breached MyFitnessPal, a common calorie-counting app and website, and acquired private data from approximately 150 million users.
Under Armour Inc., which owns the nutritional app, announced Thursday that an “unauthorized party” gained access to the data in late February. Information acquired by the hackers included user names, email addresses and hashed passwords, the company said.
Social Security numbers and driver’s license numbers were not affected since the app doesn’t collect that information. Payment card information was also unaffected because the company collects and processes that information separately.
The company says it does not know the identity of the party responsible for the security breach.
MyFitnessPal allows users to track their daily meals, count how many calories they consume and search for the nutritional information of specific foods.
In a notice to the app’s users, Under Armour Chief Digital Officer Paul Fipps said the company learned of the breach on Sunday. The company alerted its users four days later.
“We are working with main data security firms to assist in our investigation,” Fipps wrote. “We own also notified and are coordinating with law enforcement authorities.”
The company is urging MyFitnessPal users to change their passwords immediately.
Under Armour is the latest victim of a string of security breaches affecting companies in every industries.
Orbitz, a travel booking site, announced this month that it had a security breach that affected approximately 880,000 payment cards from the site’s users.
Equifax also announced this month that it had another massive data breach affecting 2.4 million customers in 2017, six months after it revealed a preceding breach that affected 143 million additional people.