Apparel and fitness data company Under Armour said it is investigating allegations of a data breach after millions of customer records were posted on a hacker forum by a cybercriminal.
The vendor told TechCrunch that the data was obtained in a data breach in November, for which the Everest ransomware gang claimed responsibility in a post on its dark web leak site at the time.
News of the data theft became more widely known this week after the breach alert site Have I Been Pwned obtained a copy of the stolen data and notified 72 million people via email that their information had been compromised.
Have I Been Pwned said the stolen Under Armour data set included customers’ names, email addresses, gender, dates of birth and approximate location by ZIP or postal code. The data also included information about purchases.
The vendor provided TechCrunch with a sample of the stolen data, which appeared to contain millions of Under Armour’s customer purchase records and matched the types of data reported by Have I Been Pwned. The stolen data also contains bundles of email addresses belonging to Under Armour employees.
When reached for comment, Under Armour spokesman Matt Dornic told TechCrunch that the company is “aware of allegations that an unauthorized third party obtained some data.”
“Our investigation into this issue, with the help of external cybersecurity experts, is ongoing. Importantly, there is currently no evidence to suggest that this issue affected UA.com or systems used to process payments or store customer passwords,” the spokesperson added.
“What we know right now is that the number of affected customers with any kind of information that could be considered sensitive is a very small percentage,” Dornic said.
The spokesperson did not immediately respond to a follow-up email asking what types of customer information Under Armour considers “sensitive,” nor did he provide an exact number of customers affected by the breach.
“Any suggestion that sensitive personal information of tens of millions of customers has been compromised is unfounded,” the spokesman said.
Under Armour did not say whether it planned to notify customers whose information was breached. It also did not say whether it had received any mail from the hackers, such as a ransom demand.
