How Under Armour’s App MyFitnessPal Got Hacked

Posted on by David Lukic in Data Breaches February 01, 2021

 MyFitnessPal is a fitness tracking app that was created in 2005, then in 2015, Under Armor purchased it for $475 million. On March 25, 2018, Under Armor alerted customers that a MyFitnessPal data breach had occurred, affecting 150 million accounts. Under Armor wasted no time notifying the authorities and customers. Cybersecurity experts secured the app and are continuously monitoring for any unusual or suspicious activity. They also required every user to reset their password. Although there are no clear details on why the MyFitnessPal breach occurred, experts are speculating that it was due to a vulnerability in the security of the MyFitnessPal server and possibly the actions of an employee.

When Was the MyFitnessPal Data Breach?

MyFitnessPal Data Breach

The MyFitnessPal data breach occurred in February of 2018. The hackers obtained usernames, passwords (hashed), and email addresses. A year later, this data by the MyFitnessPal hack was found on the dark web being sold for around $20,000. Under Armor had already reset all affected user’s passwords, so essentially, the information is useless except if used for phishing emails or other identity theft scams. 

How to Check if Your Data Was Breached By MyFitnessPal Hack

MyFitnessPal Breach

If you were a user of the MyFitnessPal data breach in 2018, you were affected. You should have received a notice from the app to reset your password. Additionally, MyFitnessPal posted a notice of the MyFitnessPal breach and also an FAQ page with answers to popular questions by customers affected by the MyFitnessPal data breach. 

What to Do if Your Data Was Stolen By MyFitnessPal Breach

MyFitnessPal Hack

If you use the app regularly, by now, you have reset your password. However, you should also consider a few other changes, such as:

  • If you used the same password for MyFitnessPal on other websites, change it immediately. 

  • Review your credit card and bank statements each month looking for any suspicious activity.

  • Get a copy of your credit report and sign up for credit monitoring ( does this for you).

  • Run a full antivirus scan of your computer.

Also, watch out for emails that look like they came from MyFitnessPal, but the links go to a fake or spoofed website. 

Can MyFitnessPal Data Breach Cause Identity Theft?

When Was MyFitnessPal Data Breach

The information stolen by thieves by the MyFitnessPal data breach and then sold on the dark web is precisely the type of information cybercriminals use to launch phishing attacks and scams for identity theft. They use the email addresses and logins to send out emails, luring customers into clicking a link or downloading some attachment and infecting their computer with a virus or malware. Sometimes these viruses allow criminals to take control of your computer, and they demand ransom to release it; this is called ransomware, and it is becoming very common. 

What to Do to Protect Yourself When Using Mobile Apps

Data Breach of MyFitnessPal

Mobile apps like MyFitnessPal have become a big part of our daily lives. Depending on the app, it may collect and store a lot of personal information about you. That information is then at the mercy of the security on the server where it resides. The best way to protect yourself is by being careful and selective when giving out your personal details.

  • Trust only verified apps that have good reputations.

  • Use a distinct password for each app you use, never reuse the same one.

  • When creating passwords, make them long and strong (a combination of symbols, letters, and numbers). 

  • Install antivirus on your computer and run scans often.

  • Never open emails from someone you don’t know.

  • Do not click links in emails or download any attachments.

  • Always look for the “lock” symbol or https when visiting online app portals to make sure they are secured.

About the Author
IDStrong Logo

Related Articles

The Anatomy Of Amazon Data Breach Explained

Along with being an online merchant, Amazon also supplies cloud servers to some heavy hitters in the fina... Read More

What is an Accidental Web Exposure and How to Prevent Data Leakage

Data breaches take many forms, and one of them is through accidental web exposure and data leakage. Milli... Read More

The Saga of T-Mobile Data Breach

T-Mobile Data Breach incident occurred many times. Once from September 1, 2013, and September 16, 2015 an... Read More

Anthem Data Breach Exposed 78 Million Records

In the Anthem Data Breach of 2015, hackers were able to steal 78.8 million member’s records. What start... Read More

Scan Your Records for Breaches, Leaks & Exposures!