Under Armour’s MyFitnessPal suffers massive data breach

March 30, 2018

The MyFitnessPal service from Under Armour has suffered a data breach that affects about 150 million users.

The breach occurred in late February and involved an “unauthorized party” accessing usernames, email addresses and password data, Under Armour said on March 30.

Fortunately, the exposed passwords were scrambled with the bcrypt hashing algorithm, which will make them tough to crack. “Payment card data was also not affected because it is collected and processed separately,” the company said.

As precaution, Under Armour is advising MyFitnessPal users to change their passwords for any other internet accounts that used the same login credentials. The usernames and email addresses exposed in the data breach were scrambled with an older hashing algorithm called SHA-1, which can be easier to crack.

“Review your accounts for suspicious activity,” the company said in a FAQ about the breach. “Be cautious of any unsolicited communications that ask for your personal data or refer you to a web page asking for personal data.”

Under Armour first learned of the incident on March 25, which triggered a full investigation. The company has been alerting the MyFitnessPal community about the breach through email and in-app messaging.

Who was behind the hack isn’t known, but the company’s investigation remains ongoing and law enforcement is now involved. To keep users safe, the MyFitnessPal service is issuing password resets for all users.

MyFitnessPal works over a website and mobile app and the service is designed to help you lose weight. It features a calorie counter for over 5 million foods. In 2015, Under Armor bought the platform for $475 million.

PCMag has the story

Sponsored Recommendations

Enhancing Remote Radiology: How Zero Trust Access Revolutionizes Healthcare Connectivity

This content details how a cloud-enabled zero trust architecture ensures high performance, compliance, and scalability, overcoming the limitations of traditional VPN solutions...

Spotlight on Artificial Intelligence

Unlock the potential of AI in our latest series. Discover how AI is revolutionizing clinical decision support, improving workflow efficiency, and transforming medical documentation...

Beyond the VPN: Zero Trust Access for a Healthcare Hybrid Work Environment

This whitepaper explores how a cloud-enabled zero trust architecture ensures secure, least privileged access to applications, meeting regulatory requirements and enhancing user...

Enhancing Remote Radiology: How Zero Trust Access Revolutionizes Healthcare Connectivity

This content details how a cloud-enabled zero trust architecture ensures high performance, compliance, and scalability, overcoming the limitations of traditional VPN solutions...