More than 150 million user accounts of diet and fitness app MyFitnessPal have been hacked, its owners said.
US sportswear brand Under Armour said in a statement that it first became aware of the security breach on March 25 and began informing users four days later.
It said the data had been stolen in late February of this year and that email addresses and passwords had been accessed but that payment details were unaffected because they are processed separately.
The company said it was working with data security firms and law enforcement agencies to investigate the breach and urged all users to change their passwords immediately.
Under Armour added: 'We do not know the identity of the unauthorised party. Our investigation into this matter is ongoing.'
The app allows customers to monitor their calorie intake and measure it against the amount of exercise they are doing using a database of more than two million foods.
Under Armour bought the company in 2015 for 475 million US dollars (£338.1m).
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules here