Under Armor sportswear announced today that its subsidiary MyFitnessPal is impacted on a major data-driven beach and threatens up to 150 million accounts. Account information involved in the violation includes usernames, email addresses, and hashed passwords, but no financial information such as credit card numbers or government agencies, or identifiers such as social security numbers.
Under Armor acquired MyFitnessPal, a website and mobile app tracking diet and exercise activity, for $ 475 million in 2015, when MyFitnessPal had 80 million users. The service has more than doubled since then, not least thanks to the company's largely agnostic approach to apps and fitness trackers, which almost all can be connected to MyFitnessPal to track calories and exercise.
Although the breach did not reveal any particularly sensitive user data, it is a significant number of users and the situation will inevitably impact the Under Armor stock, with shares in after-hours trading falling nearly 4 percent , Under Armor says it was alerted last week to the break that took place in February. The company is working to notify affected users. It is expected to work with the police and data security companies to determine the cause of the breach.
"Four days after the issue became known, the company began emailing and informing the MyFitnessPal community about in-app messaging, which includes recommendations for MyFitnessPal users regarding the account security steps they take to protect them their information, "said Under Armor in a statement. "The company will force MyFitnessPal users to change their passwords and urge users to do so immediately."
Update at 5:39 PM, 3/29: A statement from Under Armor has been added.