A data set allegedly containing records for over 72 million Under Armour customers has surfaced on hacking forums. [1] The data breach notification service, Have I Been Pwned, has indexed 72.7 million unique email addresses from the leak, which reportedly also includes customer names, dates of birth, gender, geographic locations, and purchase histories. [1, 6]
The Everest ransomware group first claimed responsibility for an attack in November 2025, stating they had exfiltrated 343GB of data. [5, 9, 10] After a ransom was not paid, the data appeared online in January 2026. [1] Under Armour is already facing class-action lawsuits filed in late 2025 following the initial claims and has now stated it is aware of the situation. [5, 6]