The athletic wear company announced Thursday that an unauthorized party gained access to the data tied to its fitness app, MyFitnessPal. The breach, which took place late February 2018, affected approximately 150 million user accounts.

The related information that was accessed includes:

  • Usernames
  • Email addresses
  • Hashed passwords

The company is urging MyFitnessPal app users to update passwords immediately.

Following the announcement shares of Under Armour dropped 3.8 percent.  Payment information, which Under Armour collects and processes separately, has not been affected by the breach. Under Armour does not collect government identifiers, like social security numbers and driver’s license numbers.

Under Armour first became aware of a potential breach on March 25, when company discovered an unauthorized party had accessed MyFitnessPal user data in February. Under Armour took steps to notify affected users, and is now is working with data security firms and law enforcement to assist in its investigation.

Source: Company Press Release