A data breach affected close to 150 million people who use the MyFitnessPal app, Under Armour said Thursday.
Investigators said usernames, email addresses and passwords may have been stolen in the breach.
However, Under Armour said that payment information has not been affected since Under Armour processes the payments separately from the app.
Under Armour also doesnt collect any government information, like Social Security numbers or drivers license information.
Four days after learning of the issue, the company began notifying the MyFitnessPal community via email and through in-app messaging. The notice contains recommendations for MyFitnessPal users regarding account security steps they can take to help protect their information, Under Armour said in a statement. The company will be requiring MyFitnessPal users to change their passwords and is urging users to do so immediately.
The company first became aware of the data breach March 25 after it noticed hackers broke into the system in February.
Under Armour has already notified individuals about the breach as it continues its investigation.
Under Armour acquired MyFitnessPal back in 2015 for $475 million. At the time, only 80 million people used the app, according to The Verge.
The app rose in popularity at the same time as fitness trackers, like FitBits and Apple Watches, many of which can connect with the app.
Shares for the company dropped 3.8 percent after the company announced that its data had been breached, according to CNBC.
Security researcher Troy Hunt told BBC News that Under Armour didnt mishandle how it released information about the breach and handled it better than Equifax and Uber, two companies that also had to release information about data breaches in the past.
In many ways, this is just another day on the internet: a large online asset suffers a data breach and millions of usernames and passwords get leaked, he told BBC News. "To its credit, Under Armour appears to have made an announcement on this within four days, and its method of password storage is quite robust.
Investigators said usernames, email addresses and passwords may have been stolen in the breach.
However, Under Armour said that payment information has not been affected since Under Armour processes the payments separately from the app.
Under Armour also doesnt collect any government information, like Social Security numbers or drivers license information.
Four days after learning of the issue, the company began notifying the MyFitnessPal community via email and through in-app messaging. The notice contains recommendations for MyFitnessPal users regarding account security steps they can take to help protect their information, Under Armour said in a statement. The company will be requiring MyFitnessPal users to change their passwords and is urging users to do so immediately.
The company first became aware of the data breach March 25 after it noticed hackers broke into the system in February.
Under Armour has already notified individuals about the breach as it continues its investigation.
Under Armour acquired MyFitnessPal back in 2015 for $475 million. At the time, only 80 million people used the app, according to The Verge.
The app rose in popularity at the same time as fitness trackers, like FitBits and Apple Watches, many of which can connect with the app.
Shares for the company dropped 3.8 percent after the company announced that its data had been breached, according to CNBC.
Security researcher Troy Hunt told BBC News that Under Armour didnt mishandle how it released information about the breach and handled it better than Equifax and Uber, two companies that also had to release information about data breaches in the past.
In many ways, this is just another day on the internet: a large online asset suffers a data breach and millions of usernames and passwords get leaked, he told BBC News. "To its credit, Under Armour appears to have made an announcement on this within four days, and its method of password storage is quite robust.
