NEWYou can now take heed to Fox News articles!
Sportswear and health model Under Armour is investigating claims of an enormous data breach after buyer information had been posted on a hacker discussion board.
The breach grew to become broadly identified after millions of folks obtained alerts warning their data might have been compromised. While Under Armour says its investigation is ongoing, cybersecurity researchers reviewing the leaked data say it seems to incorporate private particulars probably linked to buyer purchases.
According to breach notification service Have I Been Pwned, the dataset incorporates e mail addresses linked to roughly 72 million folks, prompting the group to inform affected users instantly. The scale of the publicity has raised new issues about how client data might be misused lengthy after a breach happens.
Sign up for my FREE CyberGuy Report
Get my greatest tech ideas, pressing safety alerts and unique offers delivered straight to your inbox. Plus, you will get on the spot entry to my Ultimate Scam Survival Guide – free while you be a part of my CYBERGUY.COM e-newsletter.
THIRD-PARTY BREACH EXPOSES CHATGPT ACCOUNT DETAILS
Millions of Under Armour prospects had been alerted after stolen account data surfaced on a hacker discussion board, bringing the breach into public view. (Thomas Trutschel/Photothek by way of Getty Images)
What occurred within the Under Armour data breach
The stolen data is reportedly linked to a ransomware assault that occurred in November 2025. At the time, the Everest ransomware group claimed accountability and tried to extort Under Armour by threatening to leak inner information. In January 2026, buyer data from that incident appeared publicly on a well-liked hacking discussion board. Soon after, breach notification service Have I Been Pwned obtained a duplicate of the data and alerted affected users by e mail. According to stories, the vendor claimed the stolen information got here instantly from the November breach and included millions of buyer information.
What data was uncovered
The leaked dataset reportedly features a broad vary of private data. While cost card particulars haven’t been confirmed, the uncovered data remains to be priceless to cybercriminals.
Compromised data might embrace:
Researchers additionally discovered e mail addresses belonging to Under Armour workers throughout the data. That will increase the danger of focused phishing and enterprise e mail compromise scams.
Under Armour’s response up to now
“We are aware of claims that an unauthorized third party obtained certain data,” an Under Armour spokesperson instructed CyberGuy. “Our investigation of this issue, with the assistance of external cybersecurity experts, is ongoing. Importantly, at this time, there’s no evidence to suggest this issue affected UA.com or systems used to process payments or store customer passwords. Any implication that sensitive personal information of tens of millions of customers has been compromised is unfounded. The security of our systems and data is a top priority for UA, and we take this issue very seriously.”
Why this breach issues
Even with out passwords or cost particulars, this breach nonetheless poses critical dangers. Names, e mail addresses, start dates and buy historical past can be utilized to create extremely convincing scams. Cybercriminals typically reference actual purchases or account particulars to realize belief. As a outcome, phishing emails tied to this breach might seem legit and pressing. Over time, uncovered data like this will also be mixed with different breaches to construct detailed identification profiles which are tougher to guard in opposition to.
How to test in case your passwords had been stolen
To see in case your e mail was affected, go to the Have I Been Pwned web site. It is the primary and official supply for this newly added dataset. Enter your e mail tackle to seek out out in case your data seems within the leak. When completed, come again right here for Step 1 under.
Ways to remain secure after the Under Armour data breach
If you obtained a breach alert or imagine your data could also be included, taking motion now can cut back your threat later.
1) Change reused passwords and use a password supervisor
If you reused the identical password on different websites, change these passwords instantly. Even if Under Armour says passwords weren’t affected, uncovered e mail addresses are sometimes utilized in follow-up assaults. A password supervisor makes this simpler. It creates robust, distinctive passwords for every account and shops them securely. That means, one breach can’t unlock a number of accounts.
The leaked data reportedly contains e mail addresses, start dates and buy particulars, which might be exploited in focused phishing scams. (Kurt “CyberGuy” Knutsson)
Next, see in case your e mail has been uncovered in previous breaches. Our No. 1 password supervisor choose features a built-in breach scanner that checks whether or not your e mail tackle or passwords have appeared in identified leaks. If you uncover a match, instantly change any reused passwords and safe these accounts with new, distinctive credentials.
Check out the perfect expert-reviewed password managers of 2026 at Cyberguy.com.
2) Watch for phishing emails tied to Under Armour
Cybercriminals typically transfer quick after a breach. As a outcome, emails that seem to return from Under Armour or health manufacturers might land in your inbox. Be cautious of messages that declare there is a matter along with your account or a latest buy. Do not click on hyperlinks or open attachments in sudden emails. Instead, go on to the corporate’s official web site if you’ll want to test your account. Using robust antivirus software program may also assist block malicious hyperlinks and attachments earlier than they trigger hurt.
ILLINOIS DHS DATA BREACH EXPOSES 700K RESIDENTS’ RECORDS
The greatest solution to safeguard your self from malicious hyperlinks that set up malware, probably accessing your personal data, is to have robust antivirus software program put in on all of your gadgets. This safety may also provide you with a warning to phishing emails and ransomware scams, preserving your private data and digital belongings secure.
Get my picks for the perfect 2026 antivirus safety winners for your Windows, Mac, Android and iOS gadgets at Cyberguy.com.
3) Turn on two-factor authentication all over the place you possibly can
Two-factor authentication (2FA) provides an additional layer of safety. Even if somebody will get your password, they nonetheless want a second step to log in. Turn it on for e mail accounts first. Then allow it for purchasing, health and monetary accounts. This single step can cease many account takeover makes an attempt linked to breached data.
4) Monitor for password reset makes an attempt and account alerts
After a breach, attackers typically take a look at stolen e mail addresses throughout a number of websites. That exercise can trigger password reset emails you didn’t request. Pay shut consideration to those alerts. If you see one, safe the account instantly by altering the password and reviewing latest exercise.
5) Be skeptical of messages that reference previous purchases
This breach included buy data, which makes scams extra convincing. Attackers might reference actual merchandise or order particulars to earn your belief. Treat any message that pressures you to behave shortly as suspicious. Legitimate firms don’t demand fast motion by e mail or textual content.
6) Reduce your publicity with a data removing service
Over time, uncovered private data typically finally ends up with data brokers. These firms acquire and promote profiles that scammers use for focusing on. A data removing service might help you request the deletion of your data from these databases. Reducing what’s publicly accessible makes it tougher for criminals to construct detailed profiles.
While no service can assure the whole removing of your data from the web, a data removing service can be a sensible alternative. They aren’t low cost, and neither is your privateness. These companies do all of the work for you by actively monitoring and systematically erasing your private data from a whole lot of web sites. It’s what provides me peace of thoughts and has confirmed to be the best solution to erase your private data from the web. By limiting the data accessible, you cut back the danger of scammers cross-referencing data from breaches with data they may discover on the darkish net, making it tougher for them to focus on you.
Check out my high picks for data removing companies and get a free scan to seek out out in case your private data is already out on the net by visiting Cyberguy.com.
Get a free scan to seek out out in case your private data is already out on the net: Cyberguy.com.
Security specialists warn that even with out cost data, uncovered private data can gas fraud lengthy after a breach is found. (Cheng Xin/Getty Images)
Kurt’s key takeaways
The Under Armour data breach is a reminder that even main world manufacturers can develop into targets. While cost programs seem unaffected, the publicity of private data nonetheless creates long-term dangers for millions of prospects. Data breaches typically unfold over time. What begins as leaked information can later gas scams, identification theft and focused assaults. Staying alert now can cut back the possibility of larger issues later.
If your private purchasing or health data had been uncovered in a breach like this, would you retain utilizing the model or transfer on to a competitor? Let us know by writing to us at Cyberguy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
Get my greatest tech ideas, pressing safety alerts and unique offers delivered straight to your inbox. Plus, you’ll get on the spot entry to my Ultimate Scam Survival Guide – free while you be a part of my CYBERGUY.COM e-newsletter.
Copyright 2026 CyberGuy.com. All rights reserved.
Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of expertise, gear and devices that make life higher along with his contributions for Fox News & FOX Business starting mornings on “FOX & Friends.” Got a tech query? Get Kurt’s free CyberGuy Newsletter, share your voice, a narrative thought or remark at CyberGuy.com.
