// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-hibpDTG 0600Z
ColdRecon / Breach Radar / Under Armour
Breach Record

Under Armour

DISCLOSED 2025-11-17 · STOLEN CREDS · 72,742,892 RECORDS EXPOSED

In November 2025, the Everest ransomware group claimed Under Armour as a victim and attempted to extort a ransom, alleging they had obtained access to 343GB of data. In January 2026, customer data from the incident was published publicly on a popular hacking forum, including 72M email addresses. Many records also contained additional personal information such as names,...

The record

What we know

Disclosed
2025-11-17
Attack vector
Stolen Creds
Records exposed
72,742,892
Domain
underarmour.com
Data classes exposed
Dates of birthEmail addressesGendersGeographic locationsNamesPurchases
Sources

Cited reporting

Similar vector · recent

Other stolen creds breaches on file

This page is the permanent ColdRecon entry for the Under Armour disclosure. It updates if new public reporting emerges. All tracked breaches →

Under Armour just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →