Ransomware Hackers Leak Under Armour Customer Data

Russia-Linked Ransomware Group Dumps Customer Data After Failed Extortion Attempt Mathew J. Schwartz (euroinfosec) • January 23, 2026

American sportswear company Under Armour is at the public relations stage of a ransomware attack following the publication of data pertaining to 72.7 million customers by a Russian-speaking cybercrime operation.

See Also: On-Demand | NYDFS MFA Compliance: Real-World Solutions for Financial Institutions

Ransomware group Everest first listed publicly-traded Under Armour as a victim on its data leak site last November, claiming it stole 343 gigabytes of data. Ransomware groups typically only ever list non-paying victims on their leak sites as a pressure tactic, after direct threats have failed. Such listings also help pressure future victims into caving quickly to the criminals' extortion demands, lest they suffer the same data-leaking fate (see: Ransomware Groups' Data Leak Blogs Lie: Stop Trusting Them).

Have I Been Pwned, a free data breach notification service, said ...