MyFitnessPal suffers data breach as 150m users' details stolen by hackers

Your support helps us to tell the story

Support Now

Find out moreClose

As your White House correspondent, I ask the tough questions and seek the answers that matter.

Your support enables me to be in the room, pressing for transparency and accountability. Without your contributions, we wouldn't have the resources to challenge those in power.

Your donation makes it possible for us to keep doing this important work, keeping you informed every step of the way to the November election

Andrew Feinberg

White House Correspondent

Popular smartphone workout app MyFitnessPal has revealed it suffered a massive data breach last month after being targeted by hackers.

The user names, encrypted passwords and email addresses of at least 150m subscribers to the app, owned by US firm Under Armour, were stolen in February, the company said in a statement.

Under Armour only discovered the breach this week and quickly moved to reassure customers, announcing that it was investigating the incident.

"On 25 March 2018, we became aware that during February of this year an unauthorised party acquired data associated with MyFitnessPal user accounts," chief digital officer Paul Fipps wrote in an email to customers.

"The affected information included usernames, email addresses, and hashed passwords - the majority with the hashing function called bcrypt used to secure passwords.

"Once we became aware, we quickly took steps to determine the nature and scope of the issue. We are working with leading data security firms to assist in our investigation. We have also notified and are co-ordinating with law enforcement authorities."

No credit card details or financial data were taken, however, and the company has been applauded for its quick response by security experts.

MyFitnessPal tracks subscribers' calorie counts and gym routines - leaving many understandably anxious that their highly personal information could be made available online.

Under Armour bought MyFitnessPal in 2015 for $475m (£338m) and has since more than doubled its subscriber-base from 80m.

Shares in the company fell by four per cent after it made news of the breach public.