- Under Armour’s health- and fitness-tracking app, MyFitnessPal, has been hit by a data breach.
- Roughly 150 million MyFitnessPal users are affected, Under Armour says.
- Under Armour says an “unauthorized party” gained information like usernames and email addresses, but not payment details.
Under Armour’s health- and fitness-tracking app, MyFitnessPal, has been hit with a data breach.
Under Armour says roughly 150 million MyFitnessPal users are affected by the breach, which it discovered earlier this week. It said on Thursday that an “unauthorized party” acquired data about these users late last month.
“Under Armour is working with leading data security firms to assist in its investigation, and also coordinating with law enforcement authorities,” the company said in a statement. “The investigation indicates that the affected information included usernames, email addresses, and hashed passwords — the majority with the hashing function called bcrypt used to secure passwords.”
Under Armour said the hacker would not have been able to obtain users’ payment details or information like Social Security numbers or driver’s license numbers. The company has begun notifying users via messages in the app and emails.
Under Armour will require MyFitnessPal users to change their password and is “urging users to do so immediately.” The company is also encouraging users to review their accounts for suspicious activity and be cautious of any unsolicited messages asking for personal information.
Under Armour acquired MyFitnessPal for $475 million in 2015.
The data breach comes as Under Armour has struggled to keep up with the competition.
Last year, Under Armour’s North American sales declined 7% year over year, Macquarie said in a note in January. And earlier this month, the CEO of Dick’s Sporting Goods described Under Armour as a brand with “significant weakness.”
Meanwhile, analysts have expressed concern that Under Armour is selling its products at too many different types of stores without differentiating the goods offered.