In a statement released by Under Armour, the company revealed that the stolen data includes account user names, email addresses and scrambled passwords for the popular MyFitnessPal mobile app and website.
"The company's investigation is ongoing, but indicates that approximately 150 million user accounts were affected by this issue", it said.
Under Armour also doesn't collect any government information, like Social Security numbers or driver's license information.
Credit card data was not breached either, the company said, because payment information is collected and processed separately.
Under Armour has started notifying users of the MyFitnessPal app of a security breach that took place in late February 2018, and during which hackers made off with the personal details of almost 150 million user accounts. When it was acquired, MyFitnessPal had 80 million users and it has since doubled in size.
The company said it then took steps to notify affected users, although this information was not widespread until Thursday.
Ball-tampering punishments don't fit the crime - Warne
Smith and Warner have $1.9 million dollar contracts, Smith with the Rajasthan Royals and Warner for Sunrisers Hyderabad in the cash-rich Twenty20 tournament.
While no financial data was compromised, the massive number of email addresses are still considered valuable information to cybercriminals.
It's not initially clear how long Under Armour has known about the data breach, how it occurred, or when.
Data from the MyFitnessPal app was compromised, including information regarding users' online fitness and nutrition. Therefore, Under Armour recommended to change your password not just for the MyFitnessPal account, but also for other accounts, if you used the same one.
"We continue to monitor for suspicious activity and to coordinate with law enforcement authorities", the company said.
MyFitnessPal is an app that helps people track diet and exercise routines.
Under Armour bought MyFitnessPal in 2015 for $475m, after it was founded in 2005 by brothers Mike and Albert Lee. Notifications began four days after Under Armour learned of the breach via email and in-app messaging.