150m users of popular fitness app have their data stolen
HACKERS have stolen account details from 150million users of diet and exercise app MyFitnessPal in this year’s biggest data breach at any company.
Under Armour, the American sportswear brand that owns the app, admitted they only found out usernames, email addresses and passwords had been stolen a month after it happened.
In a statement, the firm said they did not know the hackers’ identity and urged members to change their passwords.
The app allows users to monitor calorie intake and measure it against how much exercise they have done using a database of more than two million foods.
Under Armour, which is based in Maryland, began informing users four days after learning of the breach last Sunday. Data security
‘Biggest breach of this year’
firms and law enforcement agencies are now investigating the hack after it emerged it actually happened at the end of February.
No payment details were said to have been stolen as these are processed separately.
It is the largest data breach this year and one of the top five of all time, according to computer security firm Security Score card. However, it is dwarfed by previous hacks such as at Yahoo in 2013, when three billion accounts were breached. In 2016 hackers targeted 412million users of adult websites run by Friend Finder Networks.
Founded by brothers Mike and Albert Lee in 2005, MyFitnessPal was sold to Under Armour for £338.1million in 2015.
It is part of the firm’s fitness division, which last year accounted for 1.8 per cent of its £3.5billion total sales.
In an email to users, Under Armour said: ‘We understand that you value your privacy and we take the protection of your information seriously … once we became aware, we quickly took steps to determine the nature and scope of the issue.’