UNDER Armour is investigating a data breach after 72 million customer records were posted online, with claims linked to the Everest ransomware group. The Everest gang allegedly extorted and exfiltrated about 343GB of data in November 2025, and the matter was later validated by Have I Been Pwned, which flagged the 72 million email addresses published in January 2026.
The compromised data reportedly includes customers’ dates of birth, email addresses, genders, geographic locations, names and purchase information, while Under Armour says payment systems and passwords were not affected and only a very small percentage of customers may have had sensitive information exposed. TechCrunch reported that Under Armour is investigating the breach with help from external cybersecurity experts. The company denies that tens of millions of sensitive records were compromised. The article notes that the breach arises from the November 2025 incident and that public posting of data occurred in January 2026.