HomeNewsBreachesAbout
Account
under-armour-2025

Under Armour Breach

Nov 24, 2025

74,967,293 rows

Added on Dec 11, 2025

Search the Leak

Email
Full Name

What happened in the Under Armour Breach?

DataBreach.com Team · December 10th 2025, 7:00 pm EST

Overview

In November 2025, the Everest ransomware group claimed responsibility for a significant data breach targeting Under Armour. The group alleges it exfiltrated over 343 GB of sensitive internal and customer data. While Under Armour has confirmed it is investigating the incident, the company has not yet officially verified the full scope of the compromise.

The threat actors utilized "double extortion" tactics, threatening to leak the stolen data if a ransom was not paid. Following the expiration of a seven-day deadline, the group published download links to the alleged data on a dark web hacker forum.

Compromised Data

Internal analysis of the leaked data set indicates the presence of approximately 75,000,000 unique email addresses.

The compromised data reportedly includes:

  • Customer PII: Email addresses, phone numbers, and physical locations.
  • Transaction Data: Purchase histories and preferences.
  • Employee Data: Contact details, personnel files, and potentially passport information (unverified).
  • Corporate Data: Internal documents, product SKUs, and business intelligence.

Data likely NOT affected:

  • Payment card information (processed separately).
  • Government identifiers (e.g., Social Security Numbers).

Current Status & Legal Context

As of early December 2025, Under Armour has not admitted to the full scale of the breach. However, a class-action lawsuit has reportedly been filed regarding the alleged failure to protect consumer data. The incident remains classified as "Unverified" pending an official report from the victim organization.

For media inquiries, contact us at contact@databreach.com