Joining the skyrocketing list of cyber attack victims, American footwear, sports, and casual apparel manufacturer, Under Armour said on Thursday that about 150 million accounts of its food and nutrition application, MyFitnessPal, were breached earlier this year.
According to Under Armour, the breach took place in late February, but the company became aware of the hack earlier this week and has already taken steps to alert users about the incident. Affecting a massive user base, which is bigger than the population of Japan, the data breach has become one of the largest and notorious breaches till date.
Following the announcement about the hack, the shares of the American manufacturer has fallen as much as 4.6 percent to $15.59 in late trading.
As per the ongoing investigation, the payment information that Under Armour collects and processes separately is safe and sound but the compromised information includes usernames, email addresses, and hashed passwords.
“Email addresses are valuable for spammers because the attackers would know that active, real users are behind these addresses and the dark web is usually the place where data like this is sold to the highest bidder,” said Engin Kirda, a professor at Northeastern University in Boston.
Now, Under Armour is engaging in a close fight with the downside of owning a data-centric business. The company has enlisted several security firms to help them with the investigation and is working with law enforcement to resolve the matter as soon as possible.
The Baltimore-based company is also sending emails and in-app messages to all the users to alert them about the breach and urging its customers to change their passwords immediately.