The Latest Data Breach is Under Armour’s MyFitnessPal

Under Armour, Inc.  announced that its MyFitnessPal app had been breached, and that information on its 150 million users had been accessed by an unknown entity. Under Armour says the “the affected information included usernames, email addresses, and hashed passwords – the majority with the hashtag function called bcrypt used to secure passwords.” The company’s press release said no government-issued identifiers (i.e., Social Security or driver’s license numbers) or credit card information were affected. The company is working with a data security firm and law enforcement authorities to investigate the breach.

Users of the app have been notified about the security steps they can take, including changing their password, which will be required. NOTE: The email from Under Armour does not ask its MyFitnessPal users to click on a link or open an attachment. Any email that includes such instructions is a scam and should be deleted immediately. Additional information for users is available on the company’s website.

April is Digital Spring Cleaning Month, and the Better Business Bureau has joined with the National Cyber Security Alliance in offering tips to safeguard your personal data at BBB.org/Digital-Spring-Cleaning.

The Better Business Bureau has advice for users of this app and others that collect personal information. Here are some tips to safeguard your smart phone and its data:

  • Password-protect your smart phone and consider additional security options such as fingerprint security.
  • Use unique passwords for each site or app you use.
  • Invest in security software for your phone (like anti-malware and virus protection on your computer)
  • Download updates frequently to make sure any known bugs are fixed promptly and that you have the latest security updates.
  • Turn off services when you are not using them. WiFi, GPS, Bluetooth, etc. are all ways that hackers can get into your phone. You can also save on battery life.
  • Store important information elsewhere. Passwords and other sensitive information should never be stored on your phone.
  • If you connect digitally in a rented vehicle, be sure to erase your tracks before you return the car. Ask for help if you do not know how to do it.

Source: BBB.org, Under Armour and the National Cyber Security Alliance

To report a scam, go to the BBB Scam Tracker. To find trustworthy businesses, go to https://www.bbb.org