U.S. fitness brand Under Armour, which operates the MyFitnessPal software, has stated that usernames, email addresses and passwords have potentially been stolen in a data breach. The company has said, however, that user passwords are not affected since these were protected through the application of a robust encryption system. According to Forbes, this represents the biggest data breach of 2018 so far.
The MyFitnessPal data breach took place in late February 2018; however, the loss of the data was not discovered and made public until March, 25. Here Under Armour have stated: “The company quickly took steps to determine the nature and scope of the issue and to alert the MyFitnessPal community of the incident.”
The statement goes on read: “Under Armour is working with leading data security firms to assist in its investigation, and also coordinating with law enforcement authorities. The investigation indicates that the affected information included usernames, email addresses, and hashed passwords – the majority with the hashing function called bcrypt used to secure passwords.”
MyFitnessPal is an app designed to aid users in tracking diet and for recording exercise routines. The blurb on the Apple store states: “Whether you want to lose weight, tone up, get healthy, change your habits, or start a new diet, you’ll love MyFitnessPal.”
According to TechCrunch, some four days after Under Armour became aware of the hacking, the company began to notify members of the MyFitnessPal community. Notifications were issued via email and in-app messaging. In these messages Under Armour recommended MyFitnessPal users change their passwords.
Security researcher Troy Hunt has told the BBC the company has handled the data breach well: “In many ways, this is just another day on the internet: a large online asset suffers a data breach and millions of usernames and passwords get leaked.”
The analyst adds: “To its credit, Under Armour appears to have made an announcement on this within four days, and its method of password storage is quite robust.”
