Under Armour, joining a growing list of corporate victims of hacker attacks, said about 150 million user accounts tied to its MyFitnessPal nutrition-tracking app were breached earlier this year.

An unauthorised party stole data from the accounts in late February, Under Armour said on Thursday. It became aware of the breach earlier this week and took steps to alert users about the incident, the company said.

The data didn't include payment-card information or government-issued identifiers, including Social Security numbers and driver's licence numbers. Still, user names, email addresses and password data were taken. And the sheer scope of the attack - affecting a user base that's bigger than the population of Japan - would make it one of the larger breaches on record.

"Email addresses are valuable for spammers because the attackers would know that active, real users are behind these addresses," said Engin Kirda, a professor at Northeastern University in Boston. "The dark web is usually where data like this is sold to the highest bidder."

Boeing breach