Under Armour Company CyberSecurity Posture

underarmour.com
ISOSOC2 Type 1SOC2 Type 2PCI DSSHIPAAGDPR

Under Armour is obsessed with being better, stronger, and more focused than anyone else out there. Our mission: to make athletes better. Our vision: to inspire you with performance solutions you never knew you needed and can’t imagine living without. Our values define and unite us, the beliefs that are the red thread that connect everyone at Under Armour. Our values are rallying cries, reminding us why we’re here, and fueling everything we do. LOVE ATHLETES We believe in waking up every morning to make athletes legendary. From the best of the best to the ones just getting started, we put the athlete at the center of everything we do. We create fearlessly with the courage and conviction to defy convention. We innovate by taking bold and smart risks. We show up big where athletes train, compete, and recover. CELEBRATE THE WINS We believe our victories, big and small, bring us together as a team. We celebrate our accomplishments, giving credit where it's due. We take time to have fun. We channel past successes to inspire our next win. STAND FOR EQUALITY We believe sport is the great unifier. We don't sit on the sidelines; we speak up for fairness and equity. We treat each other with respect. We apply different perspectives in our work. We come together as a force for good to serve the communities we represent. ACT SUSTAINABLY We believe our work is not just what we do but how we do it. We work ethically and efficiently to perfect performance while reusing the Earth's resources. We seek new information to develop lasting solutions. We protect our planet for all who now play, and all who will play, on our home field. FIGHT ON TOGETHER We believe strength is built through tackling adversity. We act with an enterprise mindset in the best interest of the Brand. We help each other overcome obstacles. We act with integrity, have honest conversations and grow over mistakes. We approach challenges with positive intent and never quit.

Under Armour A.I CyberSecurity Scoring

Under Armour

Company Details

Linkedin ID:

under-armour

Website:

http://www.underarmour.com

Employees number:

12,231

Number of followers:

934,816

NAICS:

448

Industry Type:

Retail Apparel and Fashion

Homepage:

underarmour.com

IP Addresses:

Scan still pending

Company ID:

UND_8402120

Scan Status:

In-progress

AI scoreUnder Armour Risk Score (AI oriented)

Between 0 and 549

https://images.rankiteo.com/companyimages/under-armour.jpeg
Under Armour Retail Apparel and Fashion
Updated:
  • Powered by our proprietary A.I cyber incident model
  • Insurance preferes TPRM score to calculate premium
globalscoreUnder Armour Global Score (TPRM)

XXXX

https://images.rankiteo.com/companyimages/under-armour.jpeg
Under Armour Retail Apparel and Fashion
  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

Under Armour

Critical
Current Score
529
C (Critical)
01000
2 incidents
0 avg impact

Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.

DECEMBER 2025
529
NOVEMBER 2025
525
Ransomware
18 Nov 2025 • Under Armour
Everest Ransomware Attack on Under Armour

The Everest Ransomware group executed a high-profile attack on Under Armour, exfiltrating **340 GB of sensitive data**, including **customer PII (email addresses, phone numbers, physical locations, passport details, gender info, purchase histories)** and **internal company data (product SKUs, marketing/sales strategies)**. The group employed **double extortion**, encrypting systems while threatening to sell the stolen data on the dark web if a **Monero (XMR) ransom** is not paid within **7 days**. The breach exposes Under Armour to severe risks: **identity theft, financial fraud, reputational damage**, and **competitive intelligence leaks**. The attack leverages **AES+DES encryption**, with Russian-language code suggesting geopolitical targeting avoidance. Under Armour’s silence on the incident heightens uncertainty, while the stolen data’s sensitivity—particularly **passport details and precise location data**—raises concerns over compliance violations and long-term customer trust erosion. The group’s shift from Bitcoin to **Monero** underscores its focus on evading law enforcement tracking, amplifying the threat’s sophistication.

526
critical --1
UND3492734111825
Incident Details -
Type
Data Breach Ransomware Attack Double Extortion
Motivation
Financial Gain Data Theft for Dark Web Sale
Impact
Brand Reputation Impact: High (potential severe damage due to sensitive data exposure and internal business strategy leaks) Identity Theft Risk: High (due to exposure of PII, passport details, and location data)
Data Breach
Personal Identification Information (PII): email addresses, phone numbers, physical location data Sensitive Documents: passport details, gender information, purchase histories Internal Company Data: product SKUs, marketing data, sales data Sensitivity Of Data: High (includes PII, passport details, and internal business data)
Lessons Learned
Ransomware groups are evolving with double extortion tactics (encryption + data theft). Use of privacy-focused cryptocurrencies (e.g., Monero) complicates ransom tracing. Companies must reassess data storage practices, especially for highly sensitive PII (e.g., passport details). Geopolitical motivations may influence target selection (e.g., avoidance of Russian-speaking regions). Public silence post-breach can exacerbate reputational and operational risks.
Recommendations
Implement robust encryption for stored sensitive data (e.g., PII, internal documents). Adopt multi-layered ransomware defenses, including behavioral analysis and anomaly detection. Develop and test incident response plans specifically for double extortion scenarios. Monitor dark web for leaked data and proactively notify affected customers. Conduct third-party audits of data handling practices to identify unnecessary storage of high-risk information. Evaluate cryptocurrency transaction monitoring tools to detect ransom payments or dark web sales. Enhance employee training on phishing and social engineering, common initial access vectors for ransomware.
Investigation Status
['Ongoing (no public confirmation or details from Under Armour as of report)']
Initial Access Broker
Customer databases Internal marketing/sales data Data Sold On Dark Web: Threatened if ransom unpaid
Post Incident Analysis
Potential inadequate data encryption or access controls for sensitive PII. Possible lack of segmentation between customer data and internal business systems. Unclear initial access vector (e.g., phishing, unpatched vulnerability, or insider threat).
References
Blog URL Source URL
OCTOBER 2025
656
SEPTEMBER 2025
654
AUGUST 2025
652
JULY 2025
650
JUNE 2025
648
MAY 2025
645
APRIL 2025
643
MARCH 2025
641
FEBRUARY 2025
638
JANUARY 2025
636
JUNE 2023
769
Ransomware
16 Jun 2023 • Under Armour
Under Armour Data Breach by Everest Ransomware Group

The Everest ransomware group claimed responsibility for a cyberattack on sportswear retailer **Under Armour**, leaking a sample of stolen data on a dark web site. The hackers allege they exfiltrated **343GB of internal company data**, including **personally identifiable information (PII) of customers and employees**, such as email addresses, phone numbers, order histories, location data, and transaction records. The group demanded ransom negotiations within a **7-day deadline**, threatening further data exposure if unmet.The breach poses severe risks, including **identity theft, social engineering, and financial fraud** for affected customers. Under Armour has not yet publicly confirmed the incident, but the Everest group’s track record—with over **250 victims since 2023**, including high-profile disruptions like the **Dublin Airport supplier attack**—lends credibility to the claim. The leaked data’s sensitivity and scale suggest a **large-scale compromise of both customer and employee records**, heightening reputational, financial, and operational threats to the company.

580
critical -189
UND3992039111825
Incident Details -
Type
data breach ransomware attack
Motivation
financial (ransom extortion)
Impact
personally identifiable information (PII) internal company documents email addresses phone numbers order histories location data transaction data Brand Reputation Impact: high (potential loss of trust due to exposure of sensitive customer/employee data) Identity Theft Risk: high (customers at risk of identity theft, social engineering, and fraud)
Data Breach
PII (customers and employees) internal company documents Number Of Records Exposed: millions (exact number undisclosed, 343GB of data exfiltrated) Sensitivity Of Data: high (includes personal and transactional data) email addresses phone numbers order histories location data transaction data
Recommendations
Customers should monitor accounts for suspicious activity (identity theft, fraud). Use identity theft protection software if concerned. Exercise caution with unexpected communications (e.g., phishing emails/texts). Verify sender authenticity (e.g., check for spoofed domains like 'gma1l' instead of 'gmail').
Investigation Status
unconfirmed (Under Armour has not publicly responded)
Customer Advisories
Monitor accounts for fraud/identity theft. Be wary of social engineering attempts (e.g., phishing).
Initial Access Broker
customer PII internal company documents
References
Blog URL Source URL

Frequently Asked Questions

According to Rankiteo, the current A.I.-based Cyber Score for Under Armour is 529, which corresponds to a Critical rating.

According to Rankiteo, the A.I. Rankiteo Cyber Score for November 2025 was 525.

According to Rankiteo, the A.I. Rankiteo Cyber Score for October 2025 was 656.

According to Rankiteo, the A.I. Rankiteo Cyber Score for September 2025 was 654.

According to Rankiteo, the A.I. Rankiteo Cyber Score for August 2025 was 652.

According to Rankiteo, the A.I. Rankiteo Cyber Score for July 2025 was 650.

According to Rankiteo, the A.I. Rankiteo Cyber Score for June 2025 was 648.

According to Rankiteo, the A.I. Rankiteo Cyber Score for May 2025 was 645.

According to Rankiteo, the A.I. Rankiteo Cyber Score for April 2025 was 643.

According to Rankiteo, the A.I. Rankiteo Cyber Score for March 2025 was 641.

According to Rankiteo, the A.I. Rankiteo Cyber Score for February 2025 was 638.

According to Rankiteo, the A.I. Rankiteo Cyber Score for January 2025 was 636.

Over the past 12 months, the average per-incident point impact on Under Armour’s A.I Rankiteo Cyber Score has been 0 points.

You can access Under Armour’s cyber incident details on Rankiteo by visiting the following link: https://www.rankiteo.com/company/under-armour.

You can find the summary of the A.I Rankiteo Risk Scoring methodology on Rankiteo by visiting the following link: Rankiteo Algorithm.

You can view Under Armour’s profile page on Rankiteo by visiting the following link: https://www.rankiteo.com/company/under-armour.

With scores of 18.5/20 from OpenAI ChatGPT, 20/20 from Mistral AI, and 17/20 from Claude AI, the A.I. Rankiteo Risk Scoring methodology is validated as a market leader.