Under Armour Hit by Ransomware Attack, 72M Customer Records Leaked
Under Armour suffered a ransomware attack in November, with stolen customer data surfacing on a hacking forum this week. The breach exposed 72 million email addresses, along with additional personal details such as dates of birth and purchase histories. While 76% of the emails were already part of previously leaked datasets, the inclusion of enriched data like transaction records heightens the risk of targeted phishing and identity theft.
The incident underscores the growing threat of ransomware attacks that not only encrypt data but also exfiltrate sensitive information for extortion or resale. The leaked records could be exploited for fraudulent schemes, particularly given the combination of contact details and behavioral data. Under Armour has not publicly disclosed further details on the attack’s scope or response efforts.
Source: https://www.linkedin.com/feed/update/urn:li:activity:7419632309571571712
Under Armour cybersecurity rating report: https://www.rankiteo.com/company/under-armour
"id": "UND1768994837",
"linkid": "under-armour",
"type": "Ransomware",
"date": "11/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '72 million',
'industry': 'Apparel, Fitness',
'name': 'Under Armour',
'type': 'Company'}],
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': '72 million',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Email addresses',
'Dates of birth',
'Purchase histories']},
'description': 'Under Armour suffered a ransomware attack in November, with '
'stolen customer data surfacing on a hacking forum this week. '
'The breach exposed 72 million email addresses, along with '
'additional personal details such as dates of birth and '
'purchase histories. While 76% of the emails were already part '
'of previously leaked datasets, the inclusion of enriched data '
'like transaction records heightens the risk of targeted '
'phishing and identity theft.',
'impact': {'data_compromised': '72 million email addresses, dates of birth, '
'purchase histories',
'identity_theft_risk': 'High'},
'initial_access_broker': {'data_sold_on_dark_web': 'Yes'},
'motivation': 'Extortion, Data Resale',
'ransomware': {'data_exfiltration': 'Yes'},
'references': [{'source': 'Cyber Incident Description'}],
'title': 'Under Armour Hit by Ransomware Attack, 72M Customer Records Leaked',
'type': 'Ransomware'}