Under Armour said it is investigating claims that customer data was stolen after a cybercriminal advertised millions of records on a hacker forum, following reports that the information originated from a breach last year.
Stolen Data Linked To November Breach
The seller of the data told TechCrunch that the information was taken during a November data breach. The Everest ransomware group claimed responsibility for the incident at the time, posting about the breach on its dark web leak site.
The issue gained wider attention this week after breach notification service Have I Been Pwned obtained a copy of the stolen dataset. The service said it notified 72 million individuals by email that their information may have been compromised.
Scope Of Information Exposed
Have I Been Pwned said the dataset contained Under Armour customer names, email addresses, gender information, dates of birth, and approximate location data based on postcode or ZIP code. The records also included purchase-related information.
The seller provided TechCrunch with a sample of the data, which appeared to contain millions of customer purchase records and matched the data categories described by Have I Been Pwned. The dataset also included large numbers of email addresses associated with Under Armour employees.
Company Response And Investigation
Under Armour confirmed it is reviewing the claims. In a statement to TechCrunch, company spokesperson Matt Dornic said Under Armour is aware of allegations that an unauthorized third party accessed certain data.
Dornic said the company’s investigation is ongoing with the support of external cybersecurity experts. He added that there is no evidence at this stage that the incident affected UA.com, payment processing systems, or customer passwords.
Questions Around Impact And Notifications
According to Dornic, the number of affected customers whose information could be considered sensitive represents a very small percentage of the total dataset. He said suggestions that sensitive personal information belonging to tens of millions of customers was compromised are unfounded.
Under Armour did not clarify what types of data it considers sensitive and did not provide a specific number of affected customers. The company also did not say whether it plans to notify individuals whose information may have been exposed or whether it received ransom demands from the attackers.
Featured image credits: Wikimedia Commons
For more stories like it, click the +Follow button at the top of this page to follow us.