Scam Of The Week: 150 Million Under Armour MyFitnessPal Users Are Now Phishing Targets

  • Under Armour's health- and fitness-tracking app, MyFitnessPal, has been hit by a data breach.
  • Roughly 150 million MyFitnessPal users are affected, Under Armour says.
  • Under Armour says an "unauthorized party" gained information like usernames and email addresses, but not payment details.

"Under Armour is working with leading data security firms to assist in its investigation, and also coordinating with law enforcement authorities," the company said in a statement. "The investigation indicates that the affected information included usernames, email addresses, and hashed passwords — the majority with the hashing function called bcrypt used to secure passwords."

Under Armour will require MyFitnessPal users to change their password and is "urging users to do so immediately." The company is also encouraging users to review their accounts for suspicious activity and be cautious of any unsolicited messages asking for personal information.

This is a phishing bonanza and I'm willing to bet a hundred bucks that the cyber mafia is already working on campaigns to exploit this breach.

I would email your employees, family and friends something to this extent, feel free to copy/paste or edit:

"It's all over the news. A 150 million database with user names and passwords of Under Armour's super popular MyFitnessPal app has been hacked. Cyber criminals are going to use this to scare you into clicking on phishing emails and infect your computer with malware or manipulate you into giving out personal information.

"If you receive an email that claims your personal MyFitnessPal information has been hacked, and that you need to click on links to change your password or open attachments to find out how to protect yourself, be very careful. Do not click on links, do not open attachments, and if there is a reference to a website with more information, type the web address in your browser.

For KnowBe4 customers, inoculate your employees before they get hit with this Scam Of The Week, at the house or in the office. Send them our new template from the Current Events campaign: "MyFitnessPal".

If you aren't a KnowBe4 customer yet, ask for a quote and be pleasantly surprised:

Get A Quote Now


Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews