Under Armor's popular health and nutrition app and its MyFitnessPal website came with a Security code evidenced A February breach that revealed the usernames, email addresses and passwords of about 150 million users, the company said on Thursday.
Under Armor announced today that it would notify affected users by email and in-app notifications, a press release said. Along with the standard safety recommendations, Under Armor will require users to reset their passwords in the near future.
The fitness company claimed to have found evidence of the violation on March 25. A third party received unauthorized access to about 150 million user accounts at the end of February. Subsequent investigation of the matter suggests that the nefarious actor or actor has been stripped of information such as usernames, email addresses, and passwords, many of which have been secured with the bcrypt hashing feature.
Not included in the dataset were government issued identifiers social security numbers and driving license data, as MyFitnessPal does not collect such information from its customers. The payment details were also not affected as the company collects and processes these details separately.
Under Armor said it is working with data security companies in the ongoing investigation. Whether the breach hit the company's other digital brands, including the Endomondo and Map My Run running and bike tracking software, is currently unknown.
MyFitnessPal is one of the oldest apps on the iOS App Store. MyFitnessPal is a hugely popular calorie and activity monitoring tool that helps millions of users over the age of 13 years. The title remains in Apple's top charts for free health and fitness apps, and ranks second at the time of writing.
Under Armor bought MyFitnessPal in 2015 in a $ 475 million business. At the time, reports reported that the app had 80 million registered users.