Under Armour investigating data breach affecting 72 million customers

Clothing retailer Under Armour is investigating a data breach that exposed 72 million customer email addresses and personal information, the Baltimore-based company said. The breach, believed to have occurred in late 2025, included customer names, genders, birthdates and ZIP codes, but no passwords or financial information, according to company officials and cybersecurity experts.

Under Armour said in a statement that “We have no evidence to suggest this issue has affected UA.com or systems used to process payments or store customer passwords. Any implication that sensitive personal information of tens of millions of customers has been compromised is unfounded.”

Expert Confirms the Company’s Claims

The company acknowledged the incident after the cybersecurity website Have I Been Pwned posted information about the breach. Troy Hunt, the site’s CEO, agreed with Under Armour’s assertion that passwords and financial information remain uncompromised based on the evidence available so far.

An Unusual Lack of Disclosure

Hunt expressed surprise at the absence of an official disclosure statement from Under Armour. “That’s unusual, especially given the size of the organisation, the scale of the breach and the amount of time that has passed since the incident,” Hunt, based in Australia, wrote by email.

Understanding the Challenges

Hunt acknowledged the challenges facing Under Armour as the victim of a cyberattack. “In their defence, they’re also the corporate victim of malicious criminal activity and I’m sure they’ve had their hands full dealing with the fallout,” he said.

Article generated under CC0 license. Generated by Main Street Independent News Article Generator. Methodology.