Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Under Armour Faces Data Breach After Extensive Customer Information Leak
Under Armour, the popular sportswear and fitness brand, is currently investigating claims of a significant data breach. This breach was brought to light when customer records were discovered posted on a hacker forum.
As a result of this incident, millions of customers received notifications indicating that their personal information might have been compromised. Although Under Armour has stated that its investigation remains ongoing, cybersecurity experts evaluating the leaked data suggest that it likely contains sensitive personal details connected to customer transactions.
Scale of the Breach Unveiled
According to the breach notification service Have I Been Pwned, the compromised dataset reportedly includes email addresses linked to an estimated 72 million individuals. Consequently, the organization has taken steps to alert affected users directly. This level of exposure has raised pressing questions surrounding the potential misuse of consumer data long after a breach has occurred.
Details of the Data Leak
The breach is believed to be associated with a ransomware attack that took place in November 2025. At that time, the Everest ransomware group claimed responsibility and attempted to extort Under Armour by threatening to disclose internal files. By January 2026, customer data from this incident was publicly available on a widely-used hacking forum. Shortly after, Have I Been Pwned acquired a copy of the data and began notifying users via email. Reports indicate that the seller asserted the stolen files originated from the November breach and included millions of customer records.
The leaked information encompasses a wide range of personal details. Although there has been no confirmation that payment card information was included, the exposed data remains valuable to cybercriminals.
Compromised Information May Include
- Names
- Email addresses
- Birth dates
- Purchase history
In a concerning development, researchers discovered email addresses belonging to Under Armour employees within the leaked data. This could heighten the risk of targeted phishing attacks and business email compromise scams.
A spokesperson for Under Armour commented, “We are aware of claims that an unauthorized third party obtained certain data. Our investigation, assisted by external cybersecurity experts, is ongoing. Importantly, at this time, there’s no evidence to suggest this issue affected UA.com or systems used to process payments or store customer passwords. Any implication that sensitive personal information of tens of millions of customers has been compromised is unfounded. The security of our systems and data is a top priority for UA, and we take this issue very seriously.”
Understanding the Risks
Even in the absence of passwords or payment details, this data breach poses significant risks. Personal information such as names, email addresses, and purchase histories can be utilized to create convincing scams. Cybercriminals commonly reference legitimate purchases or account details, aiming to establish trust with unsuspecting victims. As a result, phishing emails associated with this breach may seem authentic and urgent.
Over time, the exposed data can be combined with information from other breaches, enabling criminals to build detailed identity profiles that can be increasingly challenging to safeguard against.
What To Do If You Are Affected
If you received a breach alert or suspect that your information might be included in the exposed dataset, it is crucial to take immediate action to mitigate potential risks.
Firstly, if you reuse the same password across multiple sites, change those passwords without delay. Even if Under Armour insists that passwords were not impacted, exposed email addresses are often utilized in subsequent attacks. Utilizing a password manager can simplify this process, generating strong, unique passwords for each account and securely storing them.
Next, check if your email has been compromised in any previous data breaches. Our top recommendation for password managers includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If a match is discovered, promptly change any reused passwords and secure those accounts with new, distinct credentials.
Staying Vigilant Against Cyber Threats
Cybercriminals tend to act swiftly following a data breach. Therefore, remain cautious of emails that seem to originate from Under Armour or fitness brands that may appear in your inbox. Be wary of messages claiming there is an issue with your account or a recent purchase. Avoid clicking on links or opening attachments in such emails. Instead, visit the company’s official website to verify your account status directly. Strong antivirus software can also play a critical role in blocking malicious links and attachments before they cause harm.
To combat potential threats, ensure that you have reliable antivirus software installed on all your devices. This protection can alert you to phishing schemes and ransomware attacks, safeguarding your personal information and digital assets.
Two-Factor Authentication as a Key Defense
Consider enabling two-factor authentication (2FA) for an added layer of security. Even if a hacker gains access to your password, they would still require a second step to log in. Start by activating it for email accounts, and subsequently enable it for shopping, fitness, and financial platforms. Taking this simple step can prevent many account takeover attempts linked to data breaches.
Following a breach, attackers frequently conduct tests with stolen email addresses across multiple sites, sometimes triggering password reset emails that you did not initiate. Be vigilant regarding these alerts. If you receive one, secure your account right away by changing your password and reviewing recent activity.
Long-Term Consequences of Data Breaches
The exposed purchase information from this breach makes scams more credible and authentic. Attackers may reference specific products or order details to gain your trust. Treat any communication that pressures you for immediate action with caution. Reputable companies do not demand urgent responses via email or text.
Over time, exposed personal information often ends up in the hands of data brokers. These entities collect and sell profiles that scammers exploit for targeting purposes. Engaging a data removal service can assist you in requesting the deletion of your information from such databases. Reducing the amount of publicly available information makes it significantly more challenging for criminals to construct detailed profiles.
While no service can guarantee the complete erasure of your data from the internet, a data removal service is indeed a wise investment for protecting your privacy. Though they may involve costs, these services manage the active monitoring and systematic removal of your personal data from countless websites. Such measures provide peace of mind and are an effective way to safeguard your information. Limiting available data diminishes the likelihood of scammers cross-referencing information from breaches with data sourced from the dark web, making it harder for them to target you.
A Business Accountability Reminder
The Under Armour data breach serves as a stark reminder that even reputable global brands can become vulnerable targets. While payment systems appear unaffected by this breach, the exposure of personal data continues to present long-term risks for millions of customers. Data breaches tend to unfold gradually. What starts as a leak can evolve into substantial issues such as scams, identity theft, and focused cyber-attacks. Remaining vigilant now can lessen the chance of more significant problems in the future.
Should your personal shopping or fitness data have been compromised in a breach of this nature, would you continue supporting the brand or choose to switch to a competitor? We welcome your thoughts and feedback.
