A data hack of the popular MyFitnessPal app affects 150 million accounts — with email addresses, user names and passwords exposed.
The hack took place in February 2018, according to Under Armour, which bought MyFitnessPal for $475 million in 2015. The company says it learned of the breach on March 25.
The app grew into one the more popular nutrition programs at first because it was free and worked on both iOS and Android devices. MyFitnessPal, which launched a premium version in 2015, offers its users a way to keep track of what they're eating from nutritional details to calories, akin to a service like Weight Watchers.
More apps and programs are giving people the option to record and store their health information online, and access those details on their mobile devices. Apple, for example, just announced a new update to its Health app, centralizing medical data including immunization records and lab results in one place.
UnderArmour reports that even encrypted passwords, those that were "hashed," were affected. But the company says that payment details, credit card numbers for example, were not exposed in the breach because they're "processed separately," says Under Armour.
MyFitnessPal users have started receiving emails notifying them about the hack, and asking them to immediately change their password. They should also watch their own accounts for activity that doesn't look right, and an eye out watch for any emails or solicitations that may come their way — and these are good anti-hacking tips for anyone who uses any internet connected device at all times.
Additionally, the company is also "…working with leading data security firms to assist in its investigation, and also coordinating with law enforcement authorities," they said in a statement.