Under Armour says MyFitnessPal data breach affected 150 million users

Under Armour, the fitness company that owns MyFitnessPal, disclosed today a data breach that affected about 150 million users. MyFitnessPal, a food and nutrition application, earlier this week became aware of the breach, which took place late last month.

The breached data did not include any Social Security numbers, driver license numbers or any other government-issued identifiers, according to Under Armour. The company also said payment card information was not collected.

“The company quickly took steps to determine the nature and scope of the issue and to alert the MyFitnessPal community of the incident,” Under Armour wrote in a press release.

Four days after Under Armour became aware of the issue, the company said it started to notify members of the MyFitnessPal community via email and in-app messaging. Under Armour recommends MyFitnessPal users change their passwords.

“Under Armour is working with leading data security firms to assist in its investigation, and also coordinating with law enforcement authorities,” the press release stated. “The investigation indicates that the affected information included usernames, email addresses, and hashed passwords – the majority with the hashing function called bcrypt used to secure passwords.”