Under Armour Data Breach Impacts 72 Million Consumers Exposing PII

Under Armour, Inc. is a Maryland-based sportswear company currently investigating a data breach that could affect millions of consumers. According to Cyber Insider, the breach is alleged to have occurred sometime in late 2025, involving unauthorized access to sensitive files on the company's network.

The ransomware group Everest is reportedly responsible for the breach by analysts, according to Have I Been Pwned. The group made a post on the tor network, claiming to have stolen 343 GB of personal data.

Due to the company's lack of official disclosure regarding the incident, not much is currently known about the information types that were exposed and the exact number of individuals impacted. However, the breach could impact more than 72 million individuals, potentially exposing sensitive PII such as names, dates of birth, genders, email addresses, physical addresses, zip codes, and purchase history.

Under Armour's response

As of now, Under Armour has not publicly acknowledged the incident or confirmed the ransomware group's claims. Reports indicate the company is allegedly aware of the incident, but no official statements have been released nor have affected individuals received written notices.

Individuals who believe they might have been affected are strongly encouraged to monitor their accounts for suspicious activity, review account statements and credit reports, and consider placing a fraud alert or credit freeze on their credit files.