Another week, another high-profile data breach

This time, it's Under Armour in the hot seat.  Under Armour acquired the MyFitnessPal app back in February 2015, and the company recently announced that their new acquisition was hacked in late February 2018.

So far, the company is taking all steps we've come to see as usual in these circumstances.  They've notified their user base about the scope and scale of the attack, which impacted a hefty 150 million users.  In conjunction with the announcement of the event itself, they assured their users that the theft of data was limited to user names, email addresses and encrypted passwords.

There is some good news

Although the stolen passwords are encrypted with bcrypt (which is a highly secure solution), the company is still recommending that all of the app's users change their passwords immediately, just to be safe.  Under Armour also assures its MyFitnessPal users that no credit card information was exposed.

In a departure from the routine we've come to expect in situations like these, the company is also warning users to be aware that since their emails were stolen, they may be subject to phishing scams in an attempt to get more of their personal information.

That announcement, in part, reads as follows:

"Please note that the email from MyFitnessPal about this issue does not ask you to click on any links or contain attachments and does not request your personal data.  If the email you received about this issue prompts you to click on a link, suggests you download an attachment, or asks you for information, the email was not sent by MyFitnessPal and may be an attempt to steal your personal data.  Avoid clicking on links or downloading attachments from such suspicious emails."

Our perspective

While Under Armour's handling of the incident has been solid so far, one has to wonder how many more of these incidents we'll see before companies start taking data security more seriously.


Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPia Blogs. I am also available at dwpia on LinkedIn, at dwpia on Facebook, and @dwpia on Twitter.

Cloud Computing Expert | Small Business Technology Consultant | IT Services Provider | 866.995.4488

Denis S Wilson

I am President and Principal Consultant for DWP Information Architects: specializing in managed IT support for smaller, fast-growth companies in Greater Los Angeles. And have created cost-effective IT solutions, including managed IT support systems, for small business for over 20 years, specializing in cybersecurity and regulatory compliance. I am also a published author and speaker, working extensively with organizations that include: the State of California, the Federal Bureau of Investigation (FBI), the Small Business Administration (SBA), SCORE, Women's Business Centers, and Small Business Development Centers. As well as providing small business technology education programs to business and professional associations.

Check out this blog post

"Cyber Security Check List That Will Underscore Your Potential Business Risks"