Athleisure clothing firm Under Armour is investigating a data breach after 72 million alleged customer records were posted online by a cybercriminal group.
On January 21, data breach tracking website Have I Been Pwned listed a new incident it said affected Under Armour.
The breach allegedly occurred in November 2025 when the Everest ransomware group added the clothing brand as a victim and claimed to have obtained access to 343GB of data.
On January 18, 2026, reports emerged that customer data from the incident was published publicly on a popular hacking forum, including 72 million email addresses.
According to Have I Been Pwned, the compromised data also includes personal information such as names, dates of birth, genders, geographic locations and purchase information.
Purchase information relates to data on items individuals may have purchased, payment card information has not been specifically mentioned as part of the data breach.
Other reports mentioned that phone numbers, physical addresses, browsing behavior on Under Armour’s websites and even some employee contact information may have been leaked.
Speaking to Infosecurity, an Under Armour representative confirmed the company is currently investigating claims that an unauthorized third party obtained customer data, with the collaboration of external cybersecurity experts.
“At his time, there’s no evidence to suggest this issue affected UA.com or systems used to process payments or store customer passwords. Any implication that sensitive personal information of tens of millions of customers has been compromised is unfounded,” the spokesperson said.
“The security of our systems and data is a top priority for UA, and we take this issue very seriously,” they added.
Image credits: 2p2play / Cineberg / Shutterstock
