MyFitnessPal data breached; exposes email IDs, passwords of 150M accounts

Earlier this week, Under Armour, has started sending notifications to its users that are affected by an issue. It turns out; there is a massive breach that took place specifically about the MyFitnessPal individual’s personal information. Under Armour through email and in-app recommended the standard security measures to its users. Apart from this, it also required users to reset their passwords shortly.

According to the press release by Under Armour, they discovered evidence of the breach on March 25. They stated that a third party had illegally gained authorization to over 150 million user accounts earlier this year. After Under Armour carried out the subsequent investigation into the matter, they discovered the nefarious actor had access to information including usernames, email addresses, and passwords.

Many of these details were secured with the crypt hashing function of the system. Interestingly, the data stash did not include government-issued identifiers such as Social Security numbers, driver’s license data and more. Notably, MyFitnessPal does not collect such information from its customers in the first place. Fortunately for the users, Payment data system remained unaffected as the firm receives and processes such data separately.

According to the information provided by Under Armour, they are working with data security firms in the ongoing investigation to find out who was behind the act. They are also actively searching for how much the breach impacted the company’s other digital brands such as running and cycling tracker, Endomondo and Map My Run.

MyFitnessPal is highly popular when it comes to counting calories and monitoring your fitness cycles. The app is existing in the Apple App Store for the last 13 years at least. The title consistently maintains a spot in Apple’s top charts for free Health & Fitness apps and sits in the No. 2 position as of this writing.