150m MyFitnessPal users hit by data breach

Thieves made off with usernames, email addresses and encrypted passwords

Health and fitness app MyFitnessPal has been hit by one of the biggest data breaches in history, after cyber thieves made off with the personal data of around 150 million users.

Under Armour, the activewear brand that owns and operates the app, confirmed last week that usernames, email addresses and hashed passwords were all stolen in the breach. The company has said that the majority of the affected passwords were encrypted with the Bcrypt algorithm, which has a good reputation for security.

The breach occurred in February and was detected on 25 March. MyFitnessPal has notified users, and will be requiring all affected accounts to change their passwords.

"We take our obligation to safeguard your personal data very seriously and are alerting you about this issue so you can take steps to help protect your information," the company said as part of an announcement notifying customers of the breach.

"Once we became aware, we quickly took steps to determine the nature and scope of the issue. We are working with leading data security firms to assist in our investigation. We have also notified and are coordinating with law enforcement authorities."

The hack is the third-biggest breach in history when measured by volume of affected accounts. Over 3 billion accounts were compromised by two record-shattering Yahoo breaches in 2013 and 2014, while 412 million users were hit by the breach of AdultFriendFinder and other sites under the FriendFinder Networks banner.

Under Armour purchased MyFitnessPal for $475 million back in 2015, and the app is part of the company's IoT and connected fitness portfolio.

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Recommended

What is shoulder surfing?
Security

What is shoulder surfing?

19 Oct 2020
Google blocked record-breaking 2.5Tbps DDoS attack in 2017
Security

Google blocked record-breaking 2.5Tbps DDoS attack in 2017

19 Oct 2020
Microsoft releases two emergency Windows patches
Security

Microsoft releases two emergency Windows patches

19 Oct 2020
Weekly threat roundup: Windows 10, Adobe, and SonicWall VPNs
Security

Weekly threat roundup: Windows 10, Adobe, and SonicWall VPNs

16 Oct 2020

Most Popular

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

5 Oct 2020
How to wipe a laptop easily and securely
Security

How to wipe a laptop easily and securely

5 Oct 2020
iPhone 12 lineup official with A14 Bionic chip and 5G support
Mobile Phones

iPhone 12 lineup official with A14 Bionic chip and 5G support

13 Oct 2020