Key Takeaways
- Under Armour experienced a cyber incident in November 2025, resulting in the exposure of 72 million email addresses and personally identifiable data.
- The exposed dataset includes names, birthdates, genders, locations, and purchases, which can be used for targeted schemes such as social engineering campaigns and fraud scams.
- The real impact of the incident may surface weeks or months later, once the incident is off people’s radar, and can be used to craft phishing messages that reference real orders and purchase behavior.
- Under Armour faces a lawsuit alleging the organization failed to properly protect sensitive customer information.
- The incident highlights the importance of protecting customer data and the potential long-term consequences of a data breach.
Introduction to the Incident
In November 2025, major retailer Under Armour experienced a significant cyber incident in which ransomware gang Everest extorted the company after claiming to have accessed 343GB of its data. This incident has had severe consequences, including the exposure of a large customer dataset. On January 21, 2026, according to Have I Been Pwned, a website that verifies if email addresses have been exposed in breaches, the customer dataset from the incident was published on a hacking forum. The exposed dataset includes 72 million email addresses, which is a significant concern for the company and its customers.
The Extent of the Data Exposure
The exposed dataset not only includes email addresses but also personally identifiable data such as names, birthdates, genders, locations, and purchases. This combination of personal data and purchase histories could allow malicious actors to exploit the information in long-term, targeted schemes such as social engineering campaigns, fraud scams, or more. The extent of the data exposure is alarming, and it highlights the importance of protecting customer data. Rob Babb, Exposure Management Strategist at Seemplicity, states that the most important thing to understand about incidents like this isn’t the sheer number of emails exposed, but what those addresses unlock next.
The Potential Consequences of the Incident
According to Babb, the exposure of 72 million emails is only the tip of the iceberg. With a verified list tied to a real brand, attackers can use AI to craft phishing messages that reference real orders, transaction IDs, and purchase behavior, blurring the line between fraud and legitimate communication. This can lead to a range of malicious activities, including social engineering campaigns and fraud scams. The real impact of the incident may surface weeks or months later, once the incident is off people’s radar. This is because malicious actors can use the exposed data to launch targeted attacks that are designed to deceive and manipulate customers.
The Lawsuit Against Under Armour
The release of the customer dataset follows news that Under Armour faces a lawsuit due to this incident, alleging the organization failed to properly protect sensitive customer information. The lawsuit highlights the importance of protecting customer data and the potential consequences of a data breach. Companies have a responsibility to protect their customers’ data, and failure to do so can result in severe consequences, including legal action and damage to the company’s reputation.
The Importance of Protecting Customer Data
The incident highlights the importance of protecting customer data and the potential long-term consequences of a data breach. Companies must take steps to protect their customers’ data, including implementing robust security measures and ensuring that customer data is handled and stored securely. This includes using encryption, secure authentication protocols, and regular security audits to ensure that customer data is protected. Additionally, companies must have incident response plans in place to quickly respond to data breaches and minimize the damage.
Conclusion and Recommendations
In conclusion, the Under Armour cyber incident highlights the importance of protecting customer data and the potential long-term consequences of a data breach. The exposure of 72 million email addresses and personally identifiable data is a significant concern, and it highlights the need for companies to take steps to protect their customers’ data. To prevent similar incidents, companies should implement robust security measures, ensure that customer data is handled and stored securely, and have incident response plans in place. Additionally, customers should be aware of the potential risks of data breaches and take steps to protect themselves, including using strong passwords, monitoring their accounts for suspicious activity, and being cautious when clicking on links or providing personal information online. By taking these steps, companies and customers can help to prevent data breaches and minimize the damage caused by cyber incidents.