Popular food and nutrition logging app MyFitnessPal, owned by Under Armour, has suffered a massive data breach. The company announced today that an estimated 150 million have been affected by the breach and may have had their data compromised…
Under Armour made the announcement on the MyFitnessPal website today, saying that it became aware of the breach on March 25th. The company says that an unauthorized party gained access to user data during February of this year:
On March 25, 2018, we became aware that during February of this year an unauthorized party acquired data associated with MyFitnessPal user accounts.
Now that it is aware of the breach, MyFitnessPal says it is working with data security firms and law enforcement authorities to further determine the nature and scope of the issue, while it will also continue to monitor for additional suspicious activity and make enhancements to security. The company will also require users to change their passwords in light of the breach.
Under Armour says the data affected by this breach includes usernames, email addresses, and hashed passwords. Payment card data was not affected because it is collected and processed separately:
The affected information included usernames, email addresses, and hashed passwords – the majority with the hashing function called bcrypt used to secure passwords.
The affected data did not include government-issued identifiers (such as Social Security numbers and driver’s license numbers) because we don’t collect that information from users. Payment card data was not affected because it is collected and processed separately.
On news of the breach, Under Armour stock is down by over 2 percent. You can read all of the details of the breach on the MyFitnessPal website. For many, this is yet another reason Apple should add meal logging capabilities directly to its Health app.