Approximately 72.7 million Under Armour accounts have been added to the Have I Been Pwned database following an alleged ransomware attack. The leaked data, reportedly released by the Everest ransomware group, includes personal details like names, birthdays, and purchase histories that the company has not yet officially acknowledged.

The data breach platform Have I Been Pwned recently processed a massive collection of files linked to 72.7 million Under Armour accounts. These records were reportedly made public on January 18 by a member of the Everest ransomware group via an online cybercrime forum. The security site confirmed that the exposed information includes sensitive personal details such as full names, email addresses, dates of birth, and genders. Additionally, geographic locations and specific records of previous customer purchases were part of the data set ingested by the platform.

Despite the scale of the leak, Under Armour has remained silent regarding the situation. The athletic apparel company did not provide a statement when rumors of the breach first surfaced in November, and it has continued to ignore more recent inquiries for comment. The silence persists even as the Everest group follows through on threats made two months ago when it first listed the company on its extortion site. At that time, the attackers demanded an undisclosed ransom payment within a seven-day window to prevent the release of the stolen information.

The scope of the data compromised may actually be broader than what has been verified by security researchers so far. While Have I Been Pwned focused on specific verified fields, the Everest group claims to have stolen even more intimate data. According to the hackers, the cache includes customer phone numbers, physical home addresses, and details regarding loyalty program memberships and preferred retail locations. This discrepancy suggests that the impact on individual privacy could be more significant than initially reported.

Legal consequences for the company began shortly after the initial threats were made public. The law firm Chimicles Schwartz Kriner and Donaldson-Smith filed a proposed class action lawsuit on behalf of a customer, Orvin Ganesh, citing the company's failure to protect consumer data. This legal pressure adds to the mounting scrutiny facing Under Armour as security experts analyze the contents of the massive file dump and its potential long-term risks for the affected millions of users.

The Everest ransomware group is well known for targeting high-profile entities and critical infrastructure. Their previous victims include organizations such as Collins Aerospace, the Swedish power grid, and various branches of the Brazilian government. Most recently, the electronics manufacturer Asus confirmed it suffered a compromise linked to Everest, which gained access to internal files through a third-party supplier. The attack on Under Armour follows this established pattern of aggressive data exfiltration and public shaming used by the group to pressure targets.

Source: Everest Ransomware Gang Said To Hold Massive Amounts Of Under Armour Data