**Under Armour's Slow Response to Data Breach Leaves Customers on Edge**
If you're an Under Armour customer who has shared personal data with the fitness brand, be warned: a potential data breach could put your information at risk of being exploited by hackers. The company is investigating a possible breach after a ransomware group claimed responsibility for stealing 343GB of corporate data, including sensitive customer information.
The Everest ransomware group, which infiltrated Under Armour in November, allegedly made off with a staggering amount of data - including 72 million email addresses, names, dates of birth, and purchase information. The stolen data has even started to circulate on the dark web, according to HaveIBeenPwned.com, a website that tracks data breaches.
Despite the gravity of the situation, Under Armour's response has been anything but swift. Two months after the Everest ransomware group claimed responsibility for the hack, the company still maintains that its investigation is "ongoing." And yet, there are signs that the breach is real - and potentially far-reaching. For one thing, several customers have received alerts from Capital One's CreditWise monitoring service warning them that their email addresses were exposed in a breach of Under Armour's website.
Orvin Ganesh, an Under Armour customer from Texas, has even filed a class-action lawsuit against the fashion brand over the alleged breach. And he's not alone: at least three former employees have also filed similar lawsuits in Maryland, where Under Armour is based. The danger, of course, is that stolen information could be used for identity theft or bombarding users with phishing emails and other scams.
Under Armour has thus far been tight-lipped about the breach, failing to mention it on its website or in financial filings. However, a spokesperson for the company did tell TechCrunch that "at this time, there's no evidence to suggest this issue affected UA.com or systems used to process payments or store customer passwords." But with the dark web already circulating allegedly stolen data, it remains to be seen how long Under Armour will continue to drag its feet on investigating the breach.
For customers who have shared their personal data with Under Armour, the waiting game is far from over. With sensitive information potentially at risk of being exploited by hackers, it's a good idea to keep a close eye on your accounts and credit reports - just in case. And for Under Armour, the question remains: what's taking so long?