Under Armour Data Breach

16/11/2025 · 72,742,892 records · moderate risk

0 /100

Gravity Score

Critical

Calculated based on the types of data exposed (6 categories) and the volume of affected records (72,742,892).

Ransomware incidents at major brands are not only about systems being locked. They often involve data theft first, followed by pressure tactics and eventual public release, which can put customers at risk long after the initial event.

The Everest ransomware group claimed Under Armour as a victim and attempted to extort a ransom, stating it had accessed a very large volume of data. Customer information tied to the incident was later published on a well known hacking forum.

The leaked data included a massive number of email addresses, and many records also contained names, dates of birth, gender, location details, and purchase information. When shopping history and identity fields are combined, it becomes easier to craft believable messages or confirm personal details.

Approximately 72 million unique email addresses were affected. The scale, plus the presence of birth dates and purchase context, increases the likelihood of targeted scams and long term misuse of the dataset.

Exposed data

Dates of birth Email addresses Genders Geographic locations Names Purchases

What to do based on this breach

Be cautious with emails that reference specific purchases, returns, or Under Armour coupons, since purchase data can be used to tailor scams

Update passwords on accounts that use the same email and enable two factor authentication, as large email lists are used for broad attacks

Review privacy and marketing preferences to reduce targeted outreach based on gender and location details

Monitor statements and orders for unexpected charges or purchases, especially if you keep saved addresses with online retailers

What can we learn from this breach?

This breach shows how profile details and purchase history can make scams more convincing even when direct payment card data is not included. Companies should segment and protect customer data, tightly control access to purchase records, and harden defences against data theft before ransomware encryption happens. Limiting retention of older data and providing timely, complete incident notices are also important practices.

Was your data exposed?

Check now if your email appears in this breach. It's free, takes 30 seconds and requires no signup.

Check my email

Related breaches

Raaga

14/12/2025 10,225,145 records high risk

5 data types in common

WIRED

07/09/2025 2,364,431 records moderate risk

5 data types in common

← All breaches