Under Armor Admits Huge Data Leak in MyFitnessPal App

Under Armor Admits Huge Data Leak in MyFitnessPal App

Under Armor has admitted that nearly 150 million users of the smartphone application "MyFitnessPal" were hacked.

Under Armor has admitted to a huge data leak in its smartphone application, "MyFitnessPal." The company says around 150 million users were hacked in February of this year.

The sports company stated that "an unauthorized party acquired data associated with MyFitnessPal user accounts" occurred in Feb. 2018 but it only became aware of the breach last week.

"The company quickly took steps to determine the nature and scope of the issue and to alert the MyFitnessPal community of the incident," a statement said.

The data includes usernames, passwords and email addresses, but did not reveal bank accounts, drivers license numbers or social security information.

"Four days after learning of the issue, the company began notifying the MyFitnessPal community via email and through in-app messaging," continued the statement. "The notice contains recommendations for MyFitnessPal users regarding account security steps they can take to help protect their information. The company will be requiring all MyFitnessPal users to change their passwords and is urging users to do so immediately."

"You might not think about the information you submit to fitness applications as sensitive, but if you're using the same password for other, more valuable applications, than the risk is really much more serious," Tim Erlin, VP, product management and strategy at Tripwire said. "Reusing passwords across multiple services and applications increased the risk of compromise."

This is the biggest data breach in 2018 so far, and Under Armor said it is "working with leading data security firms to assist in its investigation" as well as law enforcement authorities.  

The MyFitnessPal app lets users monitor their calorie intake and measure it against the amount of exercise they are doing. With a database of more than two million foods available to choose from.  

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

  • Report: 15 Percent of All Emails Sent in 2023 Were Malicious

    VIPRE Security Group recently released its report titled “Email Security in 2024: An Expert Look at Email-Based Threats”. The 2024 predictions for email security in this report are based on an analysis of over 7 billion emails processed by VIPRE worldwide during 2023. This equates to almost one email for everyone on the planet. Of those, roughly 1 billion (or 15%) were malicious. Read Now

  • ASIS Announces ANSI-Approved Cannabis Security Standard

    ASIS International, a leading authority in security standards and guidelines, proudly announces the release of a pioneering American National Standards Institute (ANSI)-approved standard dedicated to cannabis security. This best-in-class standard, meticulously developed by industry experts, sets a new benchmark by providing comprehensive requirements and guidance for the design, implementation, monitoring, evaluation, and maintenance of a cannabis security program. Read Now

  • ISC West Announces Keynote Lineup

    ISC West, in collaboration with premier sponsor the Security Industry Association (SIA), announced this year’s dynamic trio of speakers that will headline the Keynote Series at ISC West 2024. Read Now

    • Industry Events
  • Government is Top Targeted Industry for DDoS Attacks in Q4 2023

    The government sector experienced a surge of DDoS attacks in Q4 according to Lumen Technologies (NYSE: LUMN), a global leader in integrated network and cybersecurity solutions. The Lumen Quarterly DDoS & Application Threat Report for Q4 2023 analyzes data from its DDoS mitigation platform and application protection partner, ThreatX, to provide an overview of the DDoS and application-layer attacks that targeted organizations in the last quarter of 2023. Read Now

Featured Cybersecurity

Whitepapers

New Products

  • Hanwha QNO-7012R

    Hanwha QNO-7012R

    The Q Series cameras are equipped with an Open Platform chipset for easy and seamless integration with third-party systems and solutions, and analog video output (CVBS) support for easy camera positioning during installation. A suite of on-board intelligent video analytics covers tampering, directional/virtual line detection, defocus detection, enter/exit, and motion detection. 3

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3