ShellCodeX Breach Report
Under Armour Data Breach
underarmour.com
Verified breach
Accounts exposed
72,742,892
Breach date
17 Nov 2025
Added to tracker
21 Jan 2026
Data classes
6
What happened
In November 2025, the Everest ransomware group claimed Under Armour as a victim and attempted to extort a ransom, alleging they had obtained access to 343GB of data. In January 2026, customer data from the incident was published publicly on a popular hacking forum, including 72M email addresses. Many records also contained additional personal information such as names, dates of birth, genders, geographic locations and purchase information.
Exposed data
Dates of birth
Email addresses
Genders
Geographic locations
Names
Purchases
Recommended actions
- Watch for targeted phishing emails referencing Under Armour — attackers weaponise breach data quickly.
- Exposed identity data raises identity-theft risk — consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP