Under Armour said on Thursday that after the markets closed, its MyFitnessPal app has been hacked. The fitness apparel company learned that data on 150 million accounts for the site and app were breached earlier this week, a statement said.
“The investigation indicates that the affected information included usernames, email addresses, and hashed passwords – the majority with the hashing function called bcrypt used to secure passwords,” said the statement, referring to the use of a stronger password hashing algorithm.
The company said payment card data was not affected. Under Armour is currently notifying MyFitnessPal users about the breach via email and in-app messaging, and it’s requiring all app users to change their passwords.
Later in the day, the California attorney-general released the company’s data breach notification, per the state’s law – a mirror statement of what the company posted on its website.