Under Armour announced on Thursday that its popular diet tracking app MyFitnessPal has been hacked. The company said that the data breach occurred in February, and involved the usernames, email addresses and [hashed] passwords of some 150 million user accounts.
The team at MyFitnessPal became aware of the incident on March 25, and quickly started taking steps to determine the nature and scope of the attack. It says it is working with leading data security firms to assist in the investigation, and it has also notified law enforcement.
What We Are Doing
We are taking steps to protect our community, including the following:
- We are notifying MyFitnessPal users to provide information on how they can protect their data.
- We will be requiring MyFitnessPal users to change their passwords and urge users to do so immediately.
- We continue to monitor for suspicious activity and to coordinate with law enforcement authorities.
- We continue to make enhancements to our systems to detect and prevent unauthorized access to user information.
What You Can Do
We take our obligation to safeguard your personal data very seriously and are alerting you about this issue so you can take steps to help protect your information. We recommend you:
- Change your password for any other account on which you used the same or similar information used for your MyFitnessPal account.
- Review your accounts for suspicious activity.
- Be cautious of any unsolicited communications that ask for your personal data or refer you to a web page asking for personal data.
- Avoid clicking on links or downloading attachments from suspicious emails.
Under Armour acquired MyFitnessPal back in 2015 for nearly $500 million. At the time the app, which features a large crowdsourced food nutrition library and other useful diet-tracking tools, had around 80 million active users. That number has more than doubled since.