Apparel and fitness data company Under Armor says it is investigating claims of a data breach after cybercriminals posted millions of customer records to a hacking forum.
The vendor told TechCrunch that the data was taken in the November data breach, which the Everest ransomware gang claimed responsibility for in a post on a dark web leak site at the time.
News of data theft became more prominent this week after breach notification site Have I Been Requested obtain a copy of the stolen dataand notified 72 million individuals via email that their information had been compromised.
Already I Been Pwned says the stolen Under Armor dataset includes the name, email address, gender, date of birth, and approximate location of customers based on zip or zip codes. The data also includes information related to the purchase.
The seller provided TechCrunch with a sample of the stolen data, which appears to contain millions of records of Under Armor customer purchases and matches the types of data that have been reported. The stolen data contained multiple email addresses belonging to Under Armor employees.
When reached for comment, Under Armor spokesman Matt Dornic told TechCrunch that the company is “aware of claims that an unauthorized third party obtained certain data.”
“The investigation into this issue, with the help of external cybersecurity experts, is ongoing. Importantly, at this time, there is no evidence to suggest that this issue has affected UA.com or the systems used to process payments or store customer passwords,” the spokesperson added.
“What we know at this point is that the number of customers affected with any information that could be considered sensitive is a small percentage,” Dornic said.
The spokesperson did not immediately respond to a follow-up email asking what type of customer information Under Armor considered “sensitive” information, nor did it provide an accurate figure for how many customers were affected by the breach.
“Any implication that the sensitive personal information of tens of millions of customers has been compromised is unfounded,” the spokesperson said.
In Armor did not say if it plans to notify customers that the information is compromised. It does not say whether it has received any correspondence from hackers, such as ransom demands.