UnderArmour

underarmour.com

73,065,604
Exposed Records
Nov 2025
Breach Date
8 months ago
Unknown
Password Risk
Retail industry
Retail
Industry
Added to XposedOrNot on February 14, 2026 · #34 of 763 breaches by records exposed

About This Breach

Under Armour, an American sportswear and athletic apparel brand, was claimed as a victim by the Everest ransomware group in November 2025 in an attempted extortion alleging access to 343GB of data. Customer data from the incident was later published publicly in January 2026, exposing 73M email addresses. Many records also contained additional personal information such as names, dates of birth, genders, geographic locations and purchase information.

Data Exposed

Email addresses
Names
Genders
Geographic locations
Dates of birth

Breach Details

Breach Type Data Breach
Searchable Yes
Verified Yes
Sensitive Data No
Reference No reference available

Frequently Asked Questions

When did the UnderArmour data breach happen?

UnderArmour was breached in Nov 2025. The breach was added to the XposedOrNot index on February 14, 2026.

How many records were exposed in the UnderArmour breach?

73,065,604 records were exposed, making it the #34 largest of the 763 breaches in our index.

What data was exposed in the UnderArmour breach?

The exposed data includes: Email addresses, Names, Genders, Geographic locations, Dates of birth.

What should I do if I was affected by the UnderArmour breach?

Change your password on the affected service (and anywhere you reused it), turn on two-factor authentication, and set up free breach alerts on XposedOrNot so you know the moment your email appears in a new breach.

What Should You Do?

High Priority

Enable Two-Factor Authentication

Add 2FA on all supported accounts using an authenticator app like Google Authenticator or Authy.

Recommended

Monitor Your Accounts

Set up login alerts and review account activity regularly for suspicious access.