"Have I Been Pwned (HIBP) says 72.7 million accounts registered with Under Armour were affected by an alleged ransomware attack in November. The data breach platform ingested the files that were leaked by a member of the Everest ransomware group on January 18 via a cybercrime forum. According to HIBP's post from Tuesday, names, email addresses, dates of birth, genders, geographic locations, and details of previous purchases were leaked."
"Among the ransomware crew's back catalog of high-profile raids are claimed hits on Collins Aerospace, Sweden's power grid, and the Brazilian government, among others. Asus also recently confirmed it was affected by an Everest attack, albeit through a supplier, with its internal files compromised by the group as a result. As far as ransomware groups are concerned, Everest is something of a veteran, operating since 2020 - far longer than most groups tend to last, be it through takedowns or implosions."
Have I Been Pwned ingested files leaked January 18 that it attributes to a November ransomware incident affecting 72.7 million Under Armour accounts. Leaked fields include names, email addresses, dates of birth, genders, geographic locations, and previous purchase details. Everest claimed additional data such as phone numbers, physical addresses, loyalty program information, and preferred stores. Under Armour has not acknowledged the alleged leak or responded to inquiries. Everest added Under Armour to its leak site earlier and threatened data release unless a ransom was paid. A proposed class action was filed on behalf of an affected customer. Everest has claimed other high-profile raids and has operated since 2020.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]