Don’t sweat it: MyFitnessPal users unfazed despite hacking of 150mn accounts

30 Mar, 2018 12:23 / Updated 7 years ago

Under Armour has admitted hackers stole private data from up to 150 million MyFitnessPal app users in the largest data breach of 2018 – and one of the biggest in history. Users, however, have taken the news surprisingly well.

The hack took place in late February but was revealed on March 29. Under Armour shares fell by as much as 4.6 percent to $15.59 in after-hours trading following the announcement, according to Bloomberg. Given the somewhat sensitive nature of this particular information, many users chose to make light of the breach.

“On March 25, 2018, we became aware that during February of this year an unauthorized party acquired data associated with MyFitnessPal user accounts. The affected information included usernames, email addresses, and hashed passwords – the majority with the hashing function called bcrypt used to secure passwords,” Under Armour’s Chief Digital Officer Paul Fipps wrote in an emailed statement. That said he needn’t have worried judging by how the Twitterati have taken it in their stride.

“Once we became aware, we quickly took steps to determine the nature and scope of the issue. We are working with leading data security firms to assist in our investigation. We have also notified and are coordinating with law enforcement authorities.” Some online even praised how the company dealt with the situation.

User names, email addresses and passwords were all stolen in what is one of the largest data breaches in recorded history. However, given that the hack didn’t include any credit card information (payment information is collected and processed off-platform) or government-issued data like social security numbers and driver's license numbers, reaction online has been somewhat lighthearted.

“Email addresses are valuable for spammers because the attackers would know that active, real users are behind these addresses,” said Engin Kirda, a professor at Northeastern University in Boston as cited by Bloomberg. “The dark web is usually where data like this is sold to the highest bidder.”

Under Armour did not disclose how the breach was carried out and the perpetrator has yet to be identified. The breach was the largest known hack of consumer data announced this year and ranks in the top five data breaches of all time.

READ MORE: Equifax exec charged with insider trading, profiting $1mn in ‘largest data breach in US history’

Like this story? Share it with a friend!