Under Armour reports that the breach occurred in February 2018, but the hack wasn't discovered until March 25. The company has been working to notify affected users and is expected to work with the police and data security firms to try and trace the source of the breach.
Under Armour's breach notice recommends that users review their accounts and avoid clicking links from suspicious sources. Users also will be required to change their account password. According to Under Armour, the app does not collect Social Security or driver's license numbers from users, so that information wasn't exposed. The company also said that credit card data was not breached because payment information is collected and processed separately.