Under Armour-owned nutrition and exercise tracking app MyFitnessPal has experienced a data breach affecting some 150 million users.
The Baltimore Sun reports that information exposed by the breach includes usernames and email addresses, as well as encrypted passwords. It’s unclear at this time how much, if any, users biometric data was also affected.
MyFitnessPal alerted users of the breach this afternoon. Under Armour said it first learned of the MyFitnessPal breach, which took place in late February, on March 25th.
“The affected data did not include government-issued identifiers (such as Social Security numbers and driver’s license numbers), which the company does not collect from users,” Under Armour said in a statement. “Payment card data was also not affected because it is collected and processed separately.”
As in any data breach, users of MyFitnessApp are advised to change their passwords as soon as possible.
We’ve reached out to Under Armour for details and will update as they become available.
Correction: A previous version of this article incorrectly stated that Under Armour learned of the breach in late February. The company told Gizmodo that while the breach took place in late February, it did not learn of it until March 25th.