MyFitnessPal data breach triggers Under Armour lawsuit
app companies fined

MyFitnessPal data breach triggers Under Armour lawsuit

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

The MyFitnessPal data breach has triggered a lawsuit against parent company Under Armour, filed on behalf of users of the mobile health app.

The legal case is being described as a putative class action against Under Armour for the liability over the theft of millions of users’ personal information. The allegations are that the MyFitnessPal data breach was caused by Under Armour’s failure to safeguard the data they held for users.

150 million users were reportedly affected by the MyFitnessPal data breach, which includes countless victims in the UK as well.

What happened in the MyFitnessPal data breach

The MyFitnessPal data breach involved the unauthorised access of users’ personal data by an unknown third-party (assumed) threat actor. Under Armour reportedly became aware of the incident in late March, but the breach itself is understood to have taken place in February 2018.

Under Armour wrote to users affected by the breach and asked them to change their passwords as a security precaution.

What data was accessed in the MyFitnessPal data breach?

Data reportedly accessed in the MyFitnessPal data breach includes:

  • Usernames;
  • Email addresses;
  • Hashed passwords.

Under Armour share values apparently dropped by 3.8% in the wake of the data breach scandal, which is a fairly common occurrence with these large-scale data breaches affecting multinational organisations.

It’s understood that payment information, which is sorted separately, has not been affected by the breach.

Another GDPR near-miss

The MyFitnessPal data breach is undoubtedly a GDPR near-miss.

Had the data breach have occurred just 12 weeks later, Under Armour may have been facing new and record fines in the region of £17m, or 4pc of their global annual turnover.

That could have been huge; crippling, even.

That being said, the point of the new GDPR is to ensure that organisations are motivated to properly protect the data they hold for people. Even so-called “minor data breaches” can cause serious harm to victims, especially those whose data has been compromised across several different breaches, meaning more information can be gathered about the victim.

Fraudsters can easily piece together a profile on their victims, and any data breach of this nature should be treated as a serious matter. Imagine if a victim of this breach also uses Equifax credit services, who were hacked last year, and has purchased gig tickets through Ticketmaster and has been a victim of their breach.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon