- Hackers released data they claim was stolen from Under Armor
- It includes personal information of customers and employees
- UA is the latest in a series of retailers attacked in recent months
Notorious ransomware group Everest has said sportswear maker and retailer Under Armor is its latest victim – with the group publishing what it claims is a sample of “over millions of personal data” and internal company data on a dark website.
The post from the dark leak site claims that hackers accessed and exfiltrated 343 GB of data from internal sources, noting: “The leak of your company’s internal documents contains a wide variety of personal documents and customer and employee information. »
The group gave Under Armor seven days to contact them, presumably to negotiate a ransom payment, posting a countdown clock with a warning to follow their instructions “before time runs out.”
Customers at risk
The data sample released by the hackers to verify the authenticity of the leak contained personally identifiable customer information, including email addresses, phone numbers, order histories, location data, and transaction data.
TechRadar Pro has reached out to Under Armor to confirm if the incident is legitimate, but we have yet to receive a response.
If the breach is legitimate, it could expose thousands of customers to risks, including identity theft, social engineering and fraud. So it’s important to look into identity theft protection software if you’re concerned, and to keep a close eye on your accounts and statements.
The key to protecting yourself against social engineering is to be wary of any unexpected communications – like text messages and emails from email addresses you don’t recognize – and to pay close attention to anything in the email that might not be legitimate – like an email from gma1l rather than gmail, for example.
If the ransom demand is legitimate, and unfortunately there appears to be no reason to believe it is not, then Under Armor will be the latest of more than 250 victims Everest Group has suffered since 2023, with high-profile disruptions – including affecting millions of passengers in an attack on a Dublin Airport supplier.
Via: Cybernews
The best identity theft protection for every budget
