Under Armor, the clothing and fitness data company, said it is investigating claims of a data breach after cybercriminals posted millions of customer records on a hacker forum.
The seller told TechCrunch that the data was obtained in a data breach in November, which the Everest ransomware group claimed responsibility for in a post on the dark web leak site at the time.
News of the data theft became even more public this week after breach notification site Have I Been Pwned obtained a copy of the stolen data and notified 72 million individuals via email that their information had been compromised.
According to Have I Been Pwned, the stolen Under Armor dataset included customers' approximate location based on name, email address, gender, date of birth, and zip code. The data also included information about purchases.
The seller provided TechCrunch with a sample of the stolen data, which appeared to include millions of records of Under Armor customer purchases, matching the type of data that Have I Been Pwned was reporting. The stolen data includes a series of email addresses belonging to Under Armor employees.
When asked for comment, Under Armor spokesperson Matt Dornick told TechCrunch that the company is “aware of allegations that certain data was obtained by an unauthorized third party.”
“An investigation into this issue is ongoing with the assistance of external cybersecurity experts. Importantly, at this time there is no evidence to suggest that this issue has impacted UA.com or the systems used to process payments or store customer passwords,” the spokesperson added.
“What we know at this point is that the number of affected customers who have any type of information that could be considered sensitive is a very small percentage,” Dornick said.
A spokesperson did not immediately respond to a follow-up email asking what kind of customer information Under Armor considers “sensitive” information, nor did it provide exact numbers on how many customers are affected by the breach.
“Suggestions that sensitive personal information of tens of millions of customers has been compromised are unsubstantiated,” the spokesperson said.
Under Armor did not say whether it plans to notify customers whose information was compromised. The company did not say whether it had received any ransom demands or other communications from the hackers.