CoreTechDaily

Under Armour Data Breach Exposes 72 Million Customer Records

Under Armour is investigating a data breach that has exposed 72 million customer records, including personal and purchase information.

Updated Jan 22, 2026
Tags:Everest ransomwaredata breachcustomer dataUnder Armourcybersecurity
Under Armour Data Breach Exposes 72 Million Customer Records
Andrew Wallace

Andrew Wallace

Professional Tech Editor

Focuses on professional-grade hardware, software, and enterprise solutions.

Under Armour, the renowned sportswear and footwear company, is currently investigating a significant data breach that has compromised approximately 72 million customer records. The breach was first reported in November 2025 when the Everest ransomware group claimed responsibility, alleging they had exfiltrated 343GB of sensitive internal data from the company. (cybernews.com)

The stolen data includes personally identifiable information (PII) such as names, email addresses, dates of birth, genders, and approximate locations based on postcodes or ZIP codes. Additionally, the breach exposed purchase histories, which could be exploited for targeted phishing campaigns. (techcrunch.com)

The data was initially leaked on a dark web forum by the Everest group, and subsequently indexed by Have I Been Pwned (HIBP), a service that tracks data breaches. HIBP added the dataset to its database, notifying 72 million individuals that their information had been compromised. (techcrunch.com)

Under Armour has acknowledged the breach, stating they are "aware" of the claims and are investigating the matter. However, the company has not provided further details or confirmed the full extent of the breach. (techcrunch.com)

In response to the breach, a class-action lawsuit was filed on behalf of affected customers, alleging negligence in data protection. The lawsuit references the large-scale exfiltration of sensitive information during the November 2025 ransomware attack. (malwarebytes.com)

The Everest ransomware group has a history of targeting high-profile organizations, including Collins Aerospace, BMW, and the Brazilian government. Their tactics often involve double extortion, where they threaten to release stolen data unless a ransom is paid. (theregister.com)

Customers are advised to monitor their accounts for any suspicious activity and to be cautious of phishing attempts that may exploit the leaked information. Implementing strong, unique passwords and enabling two-factor authentication where possible can help enhance security.

Under Armour Data Breach Exposes Millions of Customer Records:

React to this story

Related Posts

Understanding the Risks of Hijacked .arpa Domains in Phishing Scams

Mar 2, 2026

Understanding the Risks of Hijacked .arpa Domains in Phishing Scams

Learn how hackers exploit .arpa domains for phishing attacks, and what you can do to protect yourself.

How Cybercriminals Are Using Women for Social Engineering Scams

Mar 2, 2026

How Cybercriminals Are Using Women for Social Engineering Scams

Discover how cybercriminals are recruiting women to enhance their social engineering scams, offering significant pay and targeting major companies.

Concerns Over Lovable's Malware-Ridden Apps: What Users Need to Know

Mar 2, 2026

Concerns Over Lovable's Malware-Ridden Apps: What Users Need to Know

Lovable's coding service faces accusations of hosting malware, prompting developers to reassess their app security practices.

How Cloud Migration Supports AI Opportunities for Businesses

Mar 1, 2026

How Cloud Migration Supports AI Opportunities for Businesses

Explore the critical steps in cloud migration that enable businesses to leverage AI effectively, including governance and security.