Under Armour, the company which makes the MyFitnessPal diet and fitness app that works with Fitbits and Garmin devices recently announced that it had suffered a data breach in February which resulted in information from 150 million accounts being stolen. The good news is that the stolen information did not include Social Security numbers or credit card numbers. The bad news is that it did contain names, email addresses and somewhat encrypted passwords. I say “somewhat encrypted” passwords because that many of the encrypted passwords were encrypted with technology that makes the encryption easy to break.
This data breach, which was discovered on March 25th represents a significant threat of identity theft to users of the MyFitnessPal app. For more information about this data breach you can go to this link that connects you to Under Armour’s detailed description of what happened and what you can do. https://content.myfitnesspal.com/security-information/FAQ.html
TIPS
Under Armour has notified users of the MyFitnessPal app by email, but we can also expect scammers to pose as Under Armour and contact MyFitnessPal users by email as well in an effort to lure them into providing information or clicking on links for purposes of identity theft. None of the legitimate emails from Under Armour will ask you to provide personal information or to click on any links.
First and foremost, if you are a user of MyFitnessPal you should change your password and if you are someone who uses the same password for all of your accounts, you should take this opportunity to change all of your passwords to strong and unique passwords. This is not as difficult as it may appear.  You can start with a strong base password constructed from a phrase, such as IDon’tLikePasswords that has capital letters, small letters and a symbol and then adapt it for each account you have so that you will have a secure and easy to remember password for each of your online accounts.   Thus, your Amazon password could be IDon’tLikePasswordsAMA.
Whenever possible use dual factor authentication for your accounts so that when you attempt to log in, a one-time code will be sent to your smartphone to insert in order to get access to your account.  For convenience sake you can set up dual factor authentication so that it is only required if you are logging in from a different computer or device than you normally use. 
Users of the MyFitnessPal app should also understand that because their names and email addresses are now in the hands of scammers, you should be particularly wary of spear phishing emails that appear legitimate that ask you to provide information, download attachments or click on links.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”