Clothing and fitness data company Under Armour said it is investigating claims of a data breach after a cybercriminal posted millions of customer records to a hacker forum.
The seller told TechCrunch that the data was taken in a November data breach, which the Everest ransomware gang claimed responsibility for in a post on its dark web leak site at the time.
News of the data theft became more widely known this week after breach notification site Have I Been Pwned obtained a copy of the stolen data, and notified 72 million individuals by email that their information had been compromised.
Have I Been Pwned said the stolen Under Armour dataset included names, email addresses, genders, dates of birth, and customers’ approximate location based on postcode or ZIP code. The data also included information relating to purchases.
The seller provided TechCrunch with a sample of the stolen data, which appears to contain millions of records of Under Armour customer purchases and matched the types of data that Have I Been Pwned had reported. The stolen data contains reams of email addresses belonging to Under Armour employees.
When reached for comment, Under Armour spokesperson Matt Dornic told TechCrunch that the company is “aware of claims that an unauthorized third party obtained certain data.”
“Our investigation of this issue, with the assistance of external cybersecurity experts, is ongoing. Importantly, at this time, there’s no evidence to suggest this issue affected UA.com or systems used to process payments or store customer passwords,” the spokesperson added.
“What we know at this time is the number of affected customers with any sort of information that could be considered sensitive is a very small percentage,” said Dornic.
The spokesperson did not immediately respond to a follow-up email asking what types of customers’ information Under Armour considers “sensitive” information, nor did he provide an accurate figure of how many customers are affected by the breach.
“Any implication that sensitive personal information of tens of millions of customers has been compromised is unfounded,” the spokesperson said.
Under Armour did not say if it planned to notify customers whose information was compromised. It did not say if it had received any correspondence from the hackers, such as a demand for ransom.
Originally published at TechCrunch
