The hack took place in late February but was revealed on March 29. Under Armour shares fell by as much as 4.6 percent to $15.59 in after-hours trading following the announcement, according to Bloomberg. Given the somewhat sensitive nature of this particular information, many users chose to make light of the breach.
I think it’s fair to say the MyFitnessPal breach totally validates my choice to avoid working out at all cost.
— bat (@mzbat) March 30, 2018
“On March 25, 2018, we became aware that during February of this year an unauthorized party acquired data associated with MyFitnessPal user accounts. The affected information included usernames, email addresses, and hashed passwords – the majority with the hashing function called bcrypt used to secure passwords,” Under Armour’s Chief Digital Officer Paul Fipps wrote in an emailed statement. That said he needn’t have worried judging by how the Twitterati have taken it in their stride.
“Once we became aware, we quickly took steps to determine the nature and scope of the issue. We are working with leading data security firms to assist in our investigation. We have also notified and are coordinating with law enforcement authorities.” Some online even praised how the company dealt with the situation.
User names, email addresses and passwords were all stolen in what is one of the largest data breaches in recorded history. However, given that the hack didn’t include any credit card information (payment information is collected and processed off-platform) or government-issued data like social security numbers and driver’s license numbers, reaction online has been somewhat lighthearted.
Woke up to an email saying my MyFitnessPal account has been hacked. The absolute shame of Russia knowing how much Greek yogurt I ate in January!
— Jon (@pifflevalve) March 30, 2018
Why are hackers going after MyFitnessPal? If you want to know about the 43 Oreos I ate this weekend, I will just tell you tbh
— Liz Dueweke 🐾 (@LizDueweke) March 29, 2018
MyFitnessPal was hacked, so if you see someone log 3 Cheesy Gordita Crunches and 2 Quesoritos from Taco Bell this weekend it’s definitely NOT me
— Ernie Le (@MrErnestLe) March 29, 2018
“Email addresses are valuable for spammers because the attackers would know that active, real users are behind these addresses,” said Engin Kirda, a professor at Northeastern University in Boston as cited by Bloomberg. “The dark web is usually where data like this is sold to the highest bidder.”
What scares me the most about the MyFitnessPal data breach is someone will know exactly how much f*cking pizza I really eat, and the last time I choked down a veggie was 2010.
— Jacqui 🍷Is it wine o’clock?🍷 (@heyjacqui_) March 29, 2018
Under Armour did not disclose how the breach was carried out and the perpetrator has yet to be identified. The breach was the largest known hack of consumer data announced this year and ranks in the top five data breaches of all time.
Like this story? Share it with a friend!