default-output-block.skip-main
BoF Logo

The Business of Fashion

Agenda-setting intelligence, analysis and advice for the global fashion community.

Under Armour Says 150 Million MyFitnessPal Accounts Breached

The athletic apparel maker — which bought MyFitnessPal in 2015 for $475 million — suffered the largest data breach this year and one of the top five to date.
Source: Shutterstock
By
  • Reuters

BALTIMORE, United States — Under Armour Inc said on Thursday that data from some 150 million MyFitnessPal diet and fitness app accounts was compromised in February, in one of the biggest hacks in history, sending shares of the athletic apparel maker down 3 percent in after-hours trade.

The stolen data includes account user names, email addresses and scrambled passwords for the popular MyFitnessPal mobile app and website, Under Armour said in a statement. Social Security numbers, driver license numbers and payment card data were not compromised, it said.

It is the largest data breach this year and one of the top five to date, based on the number of records compromised, according to SecurityScorecard.

Larger hacks include 3 billion Yahoo accounts compromised in a 2013 incident and credentials for more than 412 million users of adult websites run by California-based FriendFinder Networks Inc in 2016, according to breach notification website LeakedSource.com.

Under Armour said it is working with data security firms and law enforcement, but did not provide details on how the hackers got into its network or pulled out the data without getting caught in the act.

While the breach did not include financial data, large troves of stolen email addresses can be valuable to cyber criminals.

Email addresses retrieved in a 2014 attack that compromised data on some 83 million JPMorgan Chase customers was later used in pump-and-dump schemes to boost stock prices, according to US federal indictments in the case in 2015.

Under Armour said in an alert on its website that it will require MyFitnessPal users to change their passwords, and it urged users to do so immediately.

"We continue to monitor for suspicious activity and to coordinate with law enforcement authorities," the company said, adding that it was bolstering systems that detect and prevent unauthorised access to user information.

Under Armour said it started notifying users of the breach on Thursday, four days after it first learned of the incident.

Under Armour bought MyFitnessPal in 2015 for $475 million. It is part of the company's connected fitness division, whose revenue last year accounted for 1.8 percent of Under Armour's $5 billion in total sales.

In This Article

© 2024 The Business of Fashion. All rights reserved. For more information read our Terms & Conditions

More from News & Analysis
Fashion News, Analysis and Business Intelligence from the leading digital authority on the global fashion industry.




view more

Subscribe to the BoF Daily Digest

The essential daily round-up of fashion news, analysis, and breaking news alerts.

The Business of Fashion

Agenda-setting intelligence, analysis and advice for the global fashion community.
CONNECT WITH US ON
BoF Professional Summit - New Frontiers: AI, Digital Culture and Virtual Worlds - March 22, 2024
© 2024 The Business of Fashion. All rights reserved. For more information read our Terms & Conditions, Privacy Policy, Cookie Policy and Accessibility Statement.
BoF Professional Summit - New Frontiers: AI, Digital Culture and Virtual Worlds - March 22, 2024