UPDATE: A massive data breach involving Under Armour has been confirmed, potentially impacting 72 million customers. Alerts have been sent to millions of users warning them that their personal information may have been compromised after sensitive data surfaced on a hacker forum.
The breach, initially linked to a ransomware attack claimed by the Everest ransomware group in November 2025, has raised significant concerns over the security of consumer data. Authorities report that the stolen data includes personal details tied to customer purchases, prompting immediate investigations.
Cybersecurity experts from Have I Been Pwned have verified the existence of compromised email addresses associated with approximately 72 million people. The organization is actively notifying affected users directly via email, emphasizing the urgency of the situation.
While Under Armour’s investigation is ongoing, the leaked dataset reportedly contains a broad range of personal information. Although payment card details have not been confirmed, cybercriminals could exploit the exposed data, which may include:
– Names
– Email addresses
– Dates of birth
– Genders
– Purchase history
– Approximate location by ZIP code or postcode
Under Armour has assured customers that there is currently no evidence suggesting that this breach affected their official website or payment processing systems. An Under Armour spokesperson stated,
“Our investigation of this issue, with the assistance of external cybersecurity experts, is ongoing. The security of our systems and data is a top priority for UA.”
Despite this, analysts warn that even without direct access to sensitive payment information, the breach poses severe risks for customers. The leaked emails and personal details can be used to craft convincing phishing scams, with attackers potentially referencing specific purchases to gain victims’ trust.
As the situation develops, immediate action is essential for individuals who may have been affected. It is crucial for users to check if their email has been compromised by visiting Have I Been Pwned. This tool allows individuals to verify if their information appears in the leaked dataset.
How to Protect Yourself Now:
1. **Change Reused Passwords**: If you have reused passwords across different sites, act quickly to change them. A password manager can simplify this process by generating strong, unique passwords for each account.
2. **Watch for Phishing Emails**: Be vigilant for emails that may look legitimate, claiming issues with your account. Do not click on suspicious links; visit the official Under Armour website directly for any concerns.
3. **Enable Two-Factor Authentication**: Implementing two-factor authentication (2FA) on your accounts adds an extra layer of protection, making it harder for attackers to gain access.
4. **Monitor Account Activity**: Keep a close watch on your accounts. Be alert for any password reset requests or unusual activity that could indicate your information is being exploited.
5. **Consider Data Removal Services**: To further protect your information, explore data removal services that help erase your personal data from public databases, reducing your exposure to future scams.
As this breach unfolds, experts emphasize the importance of staying informed and proactive in safeguarding personal information. The fallout from such incidents often extends over time, leading to potential identity theft and targeted attacks.
What’s Next? Under Armour’s ongoing investigation will likely reveal more details about the scope of the breach and provide updates on how they plan to enhance their security measures. Customers are advised to stay alert for further notifications from Under Armour and to take immediate steps to secure their accounts.
For those affected, the Under Armour breach serves as a stark reminder of the vulnerabilities that can arise from data exposure, underscoring the need for vigilance in maintaining online security.
For more tips on protecting your digital identity, visit CyberGuy.com for expert advice and resources.
