On Thursday, Under Armour, a sportswear brand, announced that MyFitnessPal, its subsidiary, was affected by a significant data breach, that was able to compromise as many as 150 million accounts. The account information that was involved in the said breach includes email addresses, hashed passwords, and usernames. However, the company assures that no financial information such as credit card numbers or government identifiers such social security numbers were included.
Under Armour was acquired MyFitnessPal in 2015 in a deal that amounted to $475 million. MyFitnessPal had approximately 80 million users during the acquisition. MyFitnessPal is a website and mobile app that aims to track diet and exercise activity. The service has more than doubled in size thanks in part to the largely agnostic approach of the company to apps and fitness trackers, almost all of which can be plugged into MyFitnessPal for tracking exercise-related activity and calories.
While the said breach was not able to expose particularly sensitive user information, the number of users that were affected is still considered to be a significant amount, and the situation will certainly affect the stock of Under Armour, with its shares declining almost 4 percent during after-hours trading. Under Armour says that it was notified regarding the breach last week. The breach was said to have occurred last February. The company has since been working to inform the affected users and is expected to work with data security firms and the police to try and trace the origin of the breach.
In a statement, Under Armour said: “Four days after learning of the issue, the company began notifying the MyFitnessPal community via email and through in-app messaging. The notice contains recommendations for MyFitnessPal users regarding account security steps they can take to help protect their information.
“The company will be requiring MyFitnessPal users to change their passwords and is urging users to do so immediately.”