Under Armour Inc. confirmed that someone improperly accessed data from one of its fitness app MyFitnessPal. This data breach affected around 150 million users.
The company claims that they learned about the breach on Mach 25 and acted quickly to notify users via email and in-app notifications.
The breach was reportedly happened back in February and hacker got access to user data including usernames, email addresses, and encrypted passwords. The good thing is that passwords were encrypted with crypt algorithm that is considered safe. Financial information including credit card details were not compromised.
Even if your passwords are hard to decrypt, you should still change the password to keep your account safe. Users who received notifications should also avoid any kind of emails pretending to come from MyFitnessPal. Hackers have emails and name to perform social engineering. You should also avoid clicking on links or downloading attachments from suspicious emails.
If you use same password associated with the same email on any other service, you should also change that password as well.