Under Armour Breach Hits 72M Users

Sportswear giant Under Armour faces intense scrutiny after ransomware group Everest claimed to leak data from nearly 72 million customers onto the dark web.

Reports surfaced in November 2025 when Everest announced breaching Under Armour. The group alleged the company ignored ransom demands, prompting data dumps across hacker forums.

Under Armour issued vague statements about "ongoing investigations" and "potential impact," leaving customers in limbo. A US class action lawsuit now accuses negligence in data protection.

Everest claims 191 million records exposed, including 72 million unique emails with names, phones, addresses, gender, and purchase histories. Samples shared widely suggest legitimacy.

Cybersecurity analysts note ransomware groups rarely bluff post-publication. Everest's "database leaked" status signals substantial customer—and possibly employee—data circulation.

Victims face phishing spikes, identity theft, and account takeovers. Experts urge immediate password changes, 2FA activation, phishing vigilance, and credit monitoring.

Ransomware now targets consumer brands relentlessly. Large dataset leaks create perpetual threats—phishing lists fuel scams for years post-breach.

Under Armour's opacity amplifies damage. Swift transparency could have mitigated panic, but silence fuels lawsuits and eroding trust.