World Bulletin / News Desk
The company said in a statement that "an unauthorized party" acquired data associated with the firm's food and nutrition application and website 'MyFitnessPal.'
Under Armour became aware of the leak on Sunday but the breach happened late February, according to the statement.
The firm started notifying its users four days after the breach, that affected information includes usernames, passwords, and e-mail addresses, but not credit or debit card information, it said.
Under Armour shares fell to as low as $15.85 in after-hours trading, marking a three percent decline from the closing price of $16.35.
The data breach is one of many that has recently affected millions of people across the U.S.
Less than two weeks ago, the U.K.-based data and consulting firm Cambridge Analytica was reported using 50 million Facebook users' data without consent in critical political contexts such as Brexit and the U.S. elections in 2016.
Equifax, one of the major consumer credit reporting agencies in the U.S., said last September some 148 million were affected in a data breach between May-July period last year.
And, Yahoo, once an online heavyweight, said in October that a data leak during 2013 hit three billion user accounts.