Under Armour discloses data breach affecting 150m user accounts

hawki · Mar 29, 2018

"Under Armour discloses data breach affecting 150m user accounts...

...[A] data security breach had affected about 150m user accounts for its MyFitnessPal fitness and diet tracking service.

...[A]n unauthorised party had gotten data associated with MyFitnessPal user accounts, including usernames, email addresses and [encrypted*] passwords, in late February.

Payment card information was not affected, the company said. It estimated that about 150m user accounts were affected..."

https://www.ft.com/content/d0bef918-3391-11e8-b5bf-23cb17fd1498

NB:UA says it learned of the breach on March 25, 2018

*The investigation indicates that the affected information included hashed passwords – the majority with the hashing function called bcrypt used to secure passwords.

guest · Mar 29, 2018

Under Armour Announces Data Breach of 150 Million User Accounts
March 29, 2018
https://www.bleepingcomputer.com/ne...ces-data-breach-of-150-million-user-accounts/

Under Armour has started notifying users of the MyFitnessPal app of a security breach that took place in late February 2018, and during which hackers made off with the personal details of nearly 150 million user accounts.

But even if bcrypt is considered a secure password hashing function, Under Armour is now asking all MyFitnessPal users to change their account passwords, just to be on the safe side.
The biggest danger is that MyFitnessPal users might see an increase in spam in the coming days, as the stolen data is not useful besides adding users' emails to spam lists.

Under Armour warns of phishing and scam attempts
The company is also warning users to not fall victims to phishing scams that may leverage the "security breach" to lure users on phishing sites.

Under Armor has also shared a copy of the email affected customers will receive.
Click to expand...

guest · Jun 2, 2018

Lawsuit Filed in Wake of Under Armour Data Breach
Company Asks Court to Compel Arbitration
June 1, 2018
https://www.inforisktoday.com/lawsuit-filed-in-wake-under-armour-data-breach-a-11051

A lawsuit seeking class action status has been filed in the aftermath of a data breach impacting 150 million users of Under Armour's MyFitnessPal mobile application and website.
What Will Happen?
Attorney Steven Teppler of the Abbott Law Group, who is not involved in the case, says the fate of the proposed class action lawsuit is difficult to predict due to a number of issues.
Negligent Practices?
The suit alleges that the data breach was "a direct and proximate result of Under Armour's failure to properly safeguard and protect plaintiffs' and class members personally identifiable information from unauthorized access, use and disclosure."

"If you have 12 doors, why would you put double locks on 11 doors, but then put an easily picked lock on the twelfth door?" Teppler asks. "Why would a company use a weaker security regime on protecting names and email addresses?"
Click to expand...

ronjor · Jun 2, 2018

Fitness app PumpUp left users' personal data exposed on server

David Lumb, @OutOnALumb
While it's not at the catastrophic level of MyFitnessPal's 150 million-user data breach , the company behind the workout app PumpUp left information for 6 million of its members exposed. The Amazon cloud-hosted back-end server holding the data didn't have a password set up for an uncertain lenght of time, enabling anyone to observe sign-ins and exchanged messages.
Click to expand...

Log in or Sign up

Under Armour discloses data breach affecting 150m user accounts

hawki Registered Member

guest Guest

guest Guest

ronjor Global Moderator

Log in or Sign up

Under Armour discloses data breach affecting 150m user accounts

hawki Registered Member

guest Guest

guest Guest

ronjor Global Moderator

Useful Searches