Skip to content
Cyber Breaches
Search
Data breachResolved

Under Armour data breach (2025)

In November 2025, the Everest ransomware group claimed Under Armour as a victim and attempted to extort a ransom, alleging they had obtained access to 343GB of data. In January 2026, customer data from the incident was published publicly on a popular hacking forum, including 72M email addresses.

Victim
Under Armour
records
72.7M
SectorMedia

Imported from Have I Been Pwned — pending editorial review and translation to French. The summary below is machine-extracted; consult the source for details.

In 2025-11-17, Under Armour was affected by a data breach. Approximately 72,742,892 accounts were exposed. In November 2025, the Everest ransomware group claimed Under Armour as a victim and attempted to extort a ransom, alleging they had obtained access to 343GB of data. In January 2026, customer data from the incident was published publicly on a popular hacking forum, including 72M email addresses.

Sources

  1. haveibeenpwned.comhttps://haveibeenpwned.com/PwnedWebsites#UnderArmour
  2. underarmour.comhttps://underarmour.com

Related incidents

Data breachResolved

Pass'Sport data breach (2025)

In December 2025, data from France's Pass'Sport program was posted to a popular hacking forum. Initially misattributed to CAF (the French family allowance fund), the data contained 6.5M unique email addresses affecting 3.5M households.

Victim
Pass'Sport
Records
6.4M
Data breachResolved

APOIA.se data breach (2025)

In December 2025, a database of the Brazilian crowdfunding platform APOIA.se was posted to an online forum. In January 2026, the company confirmed it had suffered a data breach. The incident exposed 451k unique email addresses along with names and physical addresses.

Victim
APOIA.se
Records
450.8K
Data breachResolved

CodeStepByStep data breach (2025)

In November 2025, the online coding practice tool CodeStepByStep suffered a data breach that exposed 17k records which were subsequently published online. The following month, a further corpus of data was released bringing the total to 103k.

Victim
CodeStepByStep
Records
103.1K
Data breachResolved

Operation Endgame 3.0 data breach (2025)

Between 10 and 13 November 2025, the latest phase of Operation Endgame was coordinated from Europol's headquarters in The Hague. The actions targeted one of the biggest infostealer Rhadamanthys, the Remote Access Trojan VenomRAT, and the botnet Elysium, all of which played a key role in…

Victim
Operation Endgame 3.0
Records
2.0M