MyFitnessPal has suffered a data breach. This latest incident reportedly compromised 150 million accounts.
March is certainly ending with a bang. Under Armour Inc has admitted that an unauthorized party gained access and stole information in their database. As a result, 150 million accounts were exposed. From Fortune:
Under Armour Inc., joining a growing list of corporate victims of hacker attacks, said about 150 million user accounts tied to its MyFitnessPal nutrition-tracking app were breached earlier this year.
An unauthorized party stole data from the accounts in late February, Under Armour said on Thursday. It became aware of the breach earlier this week and took steps to alert users about the incident, the company said.
Shares of Under Armour fell as much as 4.6 percent to $15.59 in late trading following the announcement. The stock had been up 13 percent this year through Thursday’s close.
The data didn’t include payment-card information or government-issued identifiers, including Social Security numbers and driver’s license numbers. Still, user names, email addresses and password data were taken. And the sheer scope of the attack — affecting a user base that’s bigger than the population of Japan — would make it one of the larger breaches on record.
This represents the largest data breach we are aware of this month. March started off relatively quiet with little activity on this front. However, 15 days in, MBM Company suffered a data leak where 1.3 million customers had their information exposed. As if making up for lost time, a New York hospital suffered a breach just two days later where 135,000 patients had their information exposed. After that, travel website Orbitz suffered a data breach of their own with 880,000 accounts compromised.
This good news in this latest breach is that critical information such as credit card and social security information wasn’t affected. Still, if you re-used the password on that service elsewhere, it is definitely advisable you not only change the password on MyFitnessPal, but also any other service you used that password for.
What is also interesting is the fact that this story is getting some exposure across news outlets. It’s quite possible that thanks to the Cambridge Analytica / Facebook data mining story, there is an increased awareness about personal privacy and security in recent days. How long that lasts remains to be seen.
Drew Wilson on Twitter: @icecube85 and Google+.