logo

Data Breach - Cyber Security

4 Pages752 Words406 Views
   

Added on  2023-06-06

About This Document

Under Armour's MyFitnessPal app faced a data breach compromising personal details of 150 million users. The attackers were able to gain access to large trove of millions of email addresses of users which are considered valuable for a cyber-criminal. The intrusion was detected by the company within a week of the breach and investigation was laid down immediately to find the root cause of the breach. The unreliable state of data security led to the downfall of the organization drastically.

Data Breach - Cyber Security

   Added on 2023-06-06

ShareRelated Documents
Running Head: Data Breach
Data Breach - Cyber Security_1
1
Data Breach
Data Breach
A US based fitness brand company named Under Armour fell into prey of a significant data
breach which was linked to one of its subsidiary called ‘MyFitnessPal’. Under Armour owns the
MyFitnessPal software which is a website and a mobile application used for keeping track of the
daily activities like exercise, diet and body health.
What the attacker did during the breach?
Under Armour announced that some 150 million accounts of its users were compromised during
the data breach which was marked as one of the biggest data breach hacks in the history. The
hackers were able to breach the Under Armour’s MyFitnessPal app compromising the personal
details of the users like the usernames, passwords, email addresses etc. (Caplan, 2017). The
attacker was able to get all the personal details of millions of account and was swimming in login
credentials. Although the payment details of the cards were not compromised yet the data breach
was said to be one the largest in the history. The attackers were able to gain access to large trove
of millions of email addresses of users which are considered valuable for a cyber-criminal. These
stolen emails can be used to boost the stock prices by dumping schemes through emails
(Maringer et al., 2018).
How the attack was made and what was the threat vector?
The intrusion was detected by the company within a week of the breach and investigation was
laid down immediately to find the root cause of the breach. The company was able to protect
some sensitive information by protecting the passwords by hashing them or by converting the
stored password into indistinct strings of characters. Despite this measure, the company later
admitted that it had hashed only few passwords using a certain robust and strong function called
Bcrypt, while the remaining passwords were protected by a redundant method of hashing called
SHA-1. The SHA-1 is known to have its flaws and is a weak scheme for password encryption.
The attackers were able to get in to the system through this link by cracking some part of the
password which was stolen by them without any trouble. This weak link was a like a get-in
invitation to the hackers and they easily got out by extracting the details of the users. The threat
vector included the data of around 150 million users from across the world having some personal
Data Breach - Cyber Security_2

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Under Armour Data Breach
|5
|761
|381

Data Security Breach of MyFitnessPal: Analysis and Prevention
|4
|980
|298

Analysis of Recent Cyber Security Breaches: MyFitnessPal, WannaCry and Petya
|11
|3802
|406

PRINCIPLES OF MANAGEMENT {MBA133} CIA - 3 INFOGRAPHICS
|6
|1233
|64

cyber security threats and attacks
|4
|749
|141

System Security: Data Breach Attack on eBay and WannaCry Ransomware Attack
|8
|1892
|123