Baltimore-based Under Armour disclosed today 150 million MyFitnessPal accounts were compromised after a data breach. The stolen information includes usernames, email addresses, and hashed passwords.
The data breach occurred back in February, but it wasn’t discovered by the company until March 25. On March 29th, the company said that they began notifying users while it continued to investigate the incident. In a statement, the company said:
“Four days after learning of the issue, the company began notifying the MyFitnessPal community via email and through in-app messaging. The notice contains recommendations for MyFitnessPal users regarding account security steps they can take to help protect their information. The company will be requiring MyFitnessPal users to change their passwords and is urging users to do so immediately.”
It is not yet known who is behind this data breach. The company confirmed that no payment data was stolen as a users’ payment information is collected and processed by a separate service.
Under Armour’s notice to users recommends that they review their accounts, change their passwords, and avoid clicking links that look suspicious.
Under Armour declined to comment any further on the matter. The company’s stock dropped almost four percent during after-hours trading.