Under Armour shares news: Fitness firm reports user data breach
Under Armour shares ended the US trading session a little higher Thursday. However, the stock slumped in after-hours trade as the fitness firm announced data from its MyFitnessPal app had been breached in February 2018.
Under Armour shares closed 0.18% higher at $16.35. However, the stock is over 2% lower in after-hours trade.
Are you looking for fast-news, hot-tips and market analysis? Sign-up for the Invezz newsletter, today.
Largest data security breach this year
Under Armour said that data from 150 million users of its nutrition and fitness app and website, MyFitnessPal, had been compromised. According to a Reuters report, thats the largest data breach so far this year and one of the top five by user numbers, in the recent history of these kinds of breaches.
Under Armour said the February data breach was discovered on March 25th. However, so far it appears no financial information or social security details were accessed.
“Under Armour is working with leading data security firms to assist in its investigation, and also coordinating with law enforcement authorities,” the firm said in a press release.
“The investigation indicates that the affected information included usernames, email addresses, and hashed passwords – the majority with the hashing function called bcrypt used to secure passwords,” it added.
“The company’s investigation is ongoing, but indicates that approximately 150 million user accounts were affected by this issue,” Under Armour said.
Growing data security story
While data security breaches are, unfortunately, not uncommon, the timing of this sizable one is significant.
The Apple revealed its latest iOS update includes new data and privacy settings and information.
It’s likely that tougher regulation could be put in place to protect users’ data and also standardize the way firms collect, use and store such information.
The incoming EU GDPR rules go a long way to beginning that process across the region. However, its likely they may not be considered strong enough in ensuring tech businesses take full responsibility of their part in securing the private data of all their users.