Under Armour revealed details last week of the biggest breach of 2018, which affected over 150 million users of its MyFitnessPal health and wellness app.
MyFitnessPal is a popular fitness tracking app that allows users to track their calorie intake and exercise. It was founded in 2005 and was acquired by Under Armour three years ago.
The intrusion happened in February, but Under Armour did not become aware of the incident until March 25. Hackers made off with usernames, email addresses, and mostly bcrypt-hashed passwords. Some of the compromised passwords were protected only with SHA-1, a significantly weaker 160-bit hashing function.
Fortunately for its users, data like Social Security Numbers and driver’s license numbers are not collected by MyFitnessPal, and banking and credit card information is collected and processed separately.
Under Armour is in the process of notifying all MyFitnessPal users and providing information on how to protect their data. It is also requiring all users to change their passwords, working with law enforcement to monitor for any suspicious activity, and exploring additional protections to help detect and prevent similar incidents in the future.
Under Armour’s response to the incident has been timely and responsible, but that doesn’t mean the company isn’t experiencing the usual side effects of a data breach, namely financial damage. To date, Under Armour’s stock has dropped as much as 4.6 percent. This figure is standard for an organization suffering a data breach, at least according to a recent Ponemon study, which found that stock prices fall an average of five percent the day a breach is disclosed and that companies experience up to seven percent customer churn.
While details on exactly how Under Armour was breached are not available yet, it would not come as a shock if this attack was executed by a trusted employee or an external cybercriminal using valid, authorized user credentials.
NNT believes it’s not enough to guard the gate and keep unauthorized users out; there must also be a means of monitoring what’s going on within the network, regardless of whether there’s any suspicious activity to be concerned about. As unfortunate as it may seem, organizations must adopt the notion that untrusted actors exist both inside and outside the network and that user behaviour must be monitored to spot any suspicious activity. NNT’s Breach Detection - Host Intrusion Detection tool is a great way to monitor these activities and spot any malicious activity before any serious damage is done.
Read the article on Forbes