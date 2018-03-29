In what appears to be the first major data breach involving a health-and-fitness-tracking app, Under Armour disclosed to its customers just a half hour after markets closed Thursday for a long weekend that MyFitnessPal, a fitness app owned by Under Armour, had experienced a breach that potentially exposed the user data of 150 million people.
The breach reportedly occurred in Feb 2018, and Under Armor became aware of it on March 25 and has been informing users.
The affected information includes usernames, email addresses, and hashed password, but did not include social security numbers, driver’s license numbers, or any payment card data.
The company said it's "working with leading data security firms to assist in its investigation" into how the "unauthorized party" came to acquire the data from MyFitnessPal. Unlike Equifax executives Under Armour said it learned about the hack earlier this week, and decided to go public right away. The breach occurred in February.
Under Armour, Inc. (NYSE: UA, UAA) today announced that it is notifying users of MyFitnessPal – the company's food and nutrition application and website – about a data security issue. On March 25, the MyFitnessPal team became aware that an unauthorized party acquired data associated with MyFitnessPal user accounts in late February 2018. The company quickly took steps to determine the nature and scope of the issue and to alert the MyFitnessPal community of the incident.
Under Armour is working with leading data security firms to assist in its investigation, and also coordinating with law enforcement authorities. The investigation indicates that the affected information included usernames, email addresses, and hashed passwords – the majority with the hashing function called bcrypt used to secure passwords.
The affected data did not include government-issued identifiers (such as Social Security numbers and driver's license numbers), which the company does not collect from users. Payment card data was also not affected because it is collected and processed separately. The company's investigation is ongoing, but indicates that approximately 150 million user accounts were affected by this issue.
Four days after learning of the issue, the company began notifying the MyFitnessPal community via email and through in-app messaging. The notice contains recommendations for MyFitnessPal users regarding account security steps they can take to help protect their information. The company will be requiring MyFitnessPal users to change their passwords and is urging users to do so immediately.
There is a full FAQ here.
Just when Kevin Plank thought his company's stock was recovering.
Under Armour shares tumbled in after-hours trading, reflecting the seriousness of the breach.
Given all the attention being paid to corporate America's lax standards for safeguarding sensitive customer data, we wonder: Will Under Armour executives also be hauled in front of Congress next month?
Comments
I had a fitbit 6 yrs ago. Used it 2 months until the creepiness of the tracking kicked in. I would rather be unfit.
This breach × 200000. Look for mire admissions....Everything is comped.
These hackers will get rich knowing how fat all of these people are. That's some valuable data!
Errr... wait.
In reply to I had a fitbit 5 yrs ago… by Bigly
I ask, yet again, Who the FUCK are these damn RETARDS who can't walk/exercise/chat with friends/drive/shit/eat/drink without a goddamn telescreen....
In reply to These hackers will get rich… by ThinkerNotEmoter
These 'fitness trackers' have proven lucrative for their makers, but have never demonstrated an improvement in the fitness of users.
Take a look at the average construction worker. LOL.
Taking 10,000 steps a day isn't going to turn you into an athlete.
In reply to These 'fitness trackers'… by Hikikomori
When heavy people tell me, “I’m at the gym now, five days a week - I’m getting in shape!”
I reply, “does you zero good until you quit pounding down the fast food, and regularly cook healthy things, at home.”
In reply to Take a look at the average… by Nature_Boy_Wooooo
I'm happy that I am an analog luddite
LUDDITE'S FOREVER!!!!!!
We need less Tech on this Planet, not more. 95% of what Humans have invented is useless crap, and a waste of time and energy. Be a Farmer or grow a Garden.
In reply to I'm happy that I am an… by cossack55
.
In reply to LUDDITE'S FOREVER!!!!!!… by ZENDOG
Under armor smells like an Armpit right now ..
This is awful. I'm going to have to get a gym membership if my wife finds out that I don't really do shit at work.
Guess they didn’t protect our house !!
I used MyFitnessPal to make sure I am eating enough for my specific goals. The free version is so slow and clunky it borders on useless.
It did cause me to pause in reflection when it recommended pairing 3 glasses of cabernet for breakfast, lunch, and dinner, as well as snacks. As reflection is overrated, I deleted the app.
I decided to forgo the app and opted for a notepad and pencil, instead.
Personal data still ok, I think.
In reply to I used MyFitnessPal to make… by Dr. Venkman
Padlock your garbage can. NYT has a dive crew with a garbage fetish.
In reply to I decided to forgo the app… by Lost in translation
Whew, I am so glad I didn't get into this whole fitness tracking tech fab.
These fitness trackers like fitbit were just perfecting the data aquisition techniques needed.
You like us all are on the list to be chipped real soon. /S
In reply to Whew, I am so glad I didn't… by aliens is here
They need that data for when you order those Facebook Pizzas.
"Lax standards"... Really... This only shows how utterly disconnected from reality people are. Hey - SWIFT was hacked too guys. Think that was due to "lax standards" too?
Incoming data packet: Any algorithm made can be hacked. The ONLY reason more isn't hacked is because there's no money or fame to be had by hacking it. But trust me, even the mundane shit will eventually be hacked too, even if it's just for the fuck of it. Hacking is how tech people build their skills. They love that shit! ^_^
Is there a toilet tracking app, one wonders?
People need to stop all this tracking crap app bollocks and start thinking again. Here is good book to do that:
https://steiner.presswarehouse.com/sites/steiner/research/archive/intui…
that place is so boring and militant. does anyone even use their real name over there?
Who knew? I thought they sold workout clothes. Didn't even know they had a tracking app.
Let’s see the stats of Execs ditching their stocks prior to the announcement...per the standard procedure.
Yet another deep state company that deserves to crash and burn.
Isn’t this the same Kevin Plank that ditched the POTUS advisory pow wow?
Hummmmm...
I think Elon was one of those that ditched, too. Peer pressure is a bitch, Mr. Musk.
So...Tesla, UA, Goog, Twit, FB, Amazon...all having a tough go of things as of late. With the possible exception of Elon, who I’ve never had a particularly evil vibe from, couldn’t happen to a better group of dildos.
I think Elon would do better with less. Certainly less from the gov trough.
Anyhow...
i assure you...there is no pattern here. No way. No subtle forces pounding away at the foundations.
Burn them all down. Sew and plow salt where these parasitic syndicates once stood.
Salt, glyphosate, same difference!
In reply to Isn’t this the Sam Kevin… by RumpleShitzkin
ROFLMAO ... who can you trust in cyberworld? Obviously no one. Best to get rid of the phones and apps.