Under Armor, the sportswear and fitness brand, is currently looking into claims of a significant data breach after customer records appeared on a hacker forum. The company has been alerted as millions of individuals received notifications suggesting their personal information might have been compromised. They mention that an investigation is underway, but cybersecurity experts suggest that the leaked data might include information related to customer transactions.
According to the breach alert service, Have I Been Pwned, the leaked dataset includes about 72 million associated email addresses. This revelation raises fresh concerns over how consumer data could be potentially exploited long after such breaches happen.
Details About the Under Armor Data Breach
The compromised information is linked to a ransomware attack that occurred in November 2025, which was claimed by the Everest Samware Group. This group threatened Under Armor with a blackmail scheme involving the release of internal documents. In January 2026, data from this incident was shared on a major hacking platform, and Have I Been Pwned later received a copy of the data, alerting affected users via email. Reportedly, the seller stated that these stolen files stem from the November breach, comprising millions of customer records.
What Data Was Leaked?
The exposed dataset reportedly contains various types of personal information. While payment card details haven’t been confirmed in the leak, the information still holds significant value for cybercriminals.
Some of the compromised information may include:
- Email addresses
- Names
- Dates of birth
- Purchase history
Additionally, email addresses belonging to Under Armor employees were also found in the dataset, increasing the risk of targeted phishing attacks.
Under Armor’s Response
An Under Armor spokesperson reported that the company is aware of claims regarding unauthorized data access and is actively investigating the issue with the help of external cybersecurity experts. They stressed that, so far, there’s no indication that this incident impacted UA.com or any systems handling payment processes or storing customer passwords. They’re prioritizing the security of their systems and data and are treating the matter seriously.
Why This Breach is Important
Even in the absence of password or payment details, this data breach poses substantial risks. Basic information such as names, email addresses, dates of birth, and purchase histories can be exploited to create convincing scams. Cybercriminals often leverage genuine purchases and account details to manipulate victims. Consequently, phishing emails might look credible and urgent, making users more likely to fall for them. Over time, this exposed data can merge with other breaches, leading to detailed identity profiles that are harder for individuals to defend against.
Check if Your Password Was Stolen
To see if your email has been impacted, you can visit the Have I Been Pwned website. This is the official platform for checking if your information is part of this new dataset. Just enter your email address and see if your data has been compromised.
Steps to Stay Safe After the Under Armor Breach
If you received an alert about the breach or have reasons to believe your information might have been involved, taking prompt action can help mitigate future risks.
1) Change Any Reused Passwords
If your password is the same across multiple sites, it’s crucial to change it right away. Even though Under Armor claims passwords weren’t affected, the exposed email addresses could still be targeted. Using a password manager can simplify this process. Create strong, unique passwords for each account and store them safely. This way, a single breach won’t compromise your other accounts.
2) Be Cautious of Phishing Emails
After a breach, cybercriminals often act fast. You might receive phishing emails pretending to be from Under Armor or related brands. Be careful with any messages claiming issues with your account or purchases. Avoid clicking on links or opening attachments from unexpected emails. If you need to check your account, go directly to the official website instead.
3) Enable Two-Factor Authentication
Two-factor authentication (2FA) adds a layer of security. Even if someone gets hold of your password, an additional step is required to access your account. Start with your email, and then enable it on other important accounts.
4) Monitor Account Activity
After a breach, attackers often test stolen emails on different sites, which can trigger unsolicited password reset requests. Stay vigilant about these alerts. If you receive one, take immediate action by changing your password and reviewing any recent activity.
5) Be Wary of Messages About Past Purchases
The leaked information includes purchase details, making potential scams seem more plausible. Treat any urgent messages about your purchases with suspicion, as legitimate companies do not require immediate responses through email or text.
6) Consider Using Data Deletion Services
Over time, leaked personal information can end up with data brokers, which can be used for targeted scams. Data deletion services can help request the removal of information from such databases, making it more challenging for criminals to compile detailed profiles.
While no service can guarantee complete removal of your data from the Internet, opting for a data deletion service is a wise decision. They actively monitor your data and remove it from several sites, offering peace of mind and reducing the risk of potential exploitation.
Employing these strategies can help protect you in the aftermath of the Under Armor data breach and beyond.
