US sports company Under Armour is urging 150 million customers to take action after its wildly popular fitness app is hacked

By Kate Taylor

Users of Under Armour’s health and fitness app — MyFitnessPal — have been hit with a data breach.

Roughly 150 million people who are MyFitnessPal users were impacted by a breach, which Under Armour discovered earlier this week. An “unauthorised party” acquired data about MyFitnessPal users in late February 2018, Under Armour announced on Thursday.

“Under Armour is working with leading data security firms to assist in its investigation, and also coordinating with law enforcement authorities,” the company said in a statement. “The investigation indicates that the affected information included usernames, email addresses, and hashed passwords — the majority with the hashing function called bcrypt used to secure passwords.”

The unauthorised party would not have been able to obtain payment information or information such as users’ Social Security numbers or driver’s license numbers in the breach, Under Armour said. The company has begun notifying users via in-app message, as well as email.

Under Armour will require MyFitnessPal users to change their password, and is “urging users to do so immediately.” The company is also urging users to review their accounts for suspicious activity, and to be cautious of any unsolicited messages, such as emails, that ask for personal data.