Have I Been Pwned (HIBP) has added a potential data breach linked to Under Armour, affecting over 72 million email addresses and personal details. The breach is attributed to the Everest ransomware group, which claims to have stolen 343GB of data from Under Armour in November 2025. After the company reportedly did not pay the ransom, the group leaked the data on their dark web site, and by January 2026, it began circulating on underground forums. The compromised data includes not just email addresses, but also full names, dates of birth, gender, physical addresses, purchase histories, and behavioral data related to shopping. About 76% of the email addresses are already in the HIBP database from prior incidents. The leak also contains internal documents with employee contact details and loyalty program records, totaling around 19.5GB across 191 million records. This level of detail raises concerns about phishing, identity theft, and long-term profiling of users. Under Armour has not confirmed the breach or notified affected customers yet. As lawsuits begin to emerge, plaintiffs accuse the company of inadequate security measures. The combination of exposed personal information makes users particularly susceptible to targeted phishing attacks and other forms of harassment. Those impacted by the breach should monitor their financial accounts closely, be cautious of unsolicited communications, and change any reused passwords associated with the exposed emails.