Under Armor Admits Huge Data Leak in MyFitnessPal App -- Security Today

Under Armor Admits Huge Data Leak in MyFitnessPal App

Under Armor has admitted that nearly 150 million users of the smartphone application "MyFitnessPal" were hacked.

By Sydny Shepard
Apr 03, 2018

Under Armor has admitted to a huge data leak in its smartphone application, "MyFitnessPal." The company says around 150 million users were hacked in February of this year.

The sports company stated that "an unauthorized party acquired data associated with MyFitnessPal user accounts" occurred in Feb. 2018 but it only became aware of the breach last week.

"The company quickly took steps to determine the nature and scope of the issue and to alert the MyFitnessPal community of the incident," a statement said.

The data includes usernames, passwords and email addresses, but did not reveal bank accounts, drivers license numbers or social security information.

"Four days after learning of the issue, the company began notifying the MyFitnessPal community via email and through in-app messaging," continued the statement. "The notice contains recommendations for MyFitnessPal users regarding account security steps they can take to help protect their information. The company will be requiring all MyFitnessPal users to change their passwords and is urging users to do so immediately."

"You might not think about the information you submit to fitness applications as sensitive, but if you're using the same password for other, more valuable applications, than the risk is really much more serious," Tim Erlin, VP, product management and strategy at Tripwire said. "Reusing passwords across multiple services and applications increased the risk of compromise."

This is the biggest data breach in 2018 so far, and Under Armor said it is "working with leading data security firms to assist in its investigation" as well as law enforcement authorities.

The MyFitnessPal app lets users monitor their calorie intake and measure it against the amount of exercise they are doing. With a database of more than two million foods available to choose from.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

Survey: Nearly Half of Employees Hide Workplace AI Use

Laserfiche, a SaaS provider of intelligent content management and business process automation, recently released new survey findings on AI adoption in the workplace, revealing that nearly half of Americans (49%) who use AI at work keep it to themselves, with 15% deliberately avoiding telling their manager. Read Now
- Artificial Intelligence
- Cybersecurity
46% of Enterprise Passwords Are Vulnerable to Cracking

Picus Security recently released The Blue Report™ 2025, based on more than 160 million real-world attack simulations. Now in its third year, the report provides a data-driven assessment of how well security controls perform against today’s threats — and this year’s findings are the most concerning to date. Read Now
- Cybersecurity
Community-Led Video Security Network Transforms Pennsylvania City Public Safety

A community-supported video security initiative has transformed public safety in Lancaster, Pennsylvania. The citizen-led collaboration demonstrates how open platform video technology can help revitalize struggling urban areas. Read Now
- Government
Browser-Based AI Agents: The Silent Security Threat Unfolding

Some of the most revolutionary advances in artificial intelligence include browser-based AI agents, which are self-sustaining software tools integrated into web browsers that act on behalf of individuals. Read Now
- Cybersecurity
Report: Cybercriminals Abandon Tech Tricks for Personalized Email Deception Tactics

VIPRE Security Group, a cybersecurity, privacy, and data protection company, has released its email threat landscape report for Q2 2025. Through an examination of worldwide real-world data, this report sounds the alarm on the most significant email security trends observed in the second quarter of 2025, enabling organizations to develop effective email security defenses for the remainder of the year. Read Now
- Cybersecurity

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

PureTech Systems, Clear Align Partner to Deliver Advanced Autonomous Security, Command-and-Control for U.S. Air Force Tactical Security System

Webinars

Whitepapers

New Products

Unified VMS

AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities
ResponderLink

Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.
Compact IP Video Intercom

Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.