Month: January 2026

A data breach at American apparel giant Under Armour has leaked the personal information of 72.7 million customers following a ransomware attack. The data breach surfaced in November 2025 after the Everest ransomware gang claimed responsibility for the attack by listing Under Armour on a dark web leak site.

🚨DATA BREACH– Under Armour (underarmour[.]com)

In November 2025, the Everest ransomware group claimed responsibility for a massive cyberattack on Under Armour, exfiltrating ~343 GB of sensitive data. After Under Armour reportedly failed to pay the ransom within the 7-day… pic.twitter.com/bJj6Hc6wSW

— JustaBreach (@justabreach) January 18, 2026

On January 18, 2026, the ransomware gang leaked samples on an underground hacking forum and demanded an unspecified ransom to avoid leaking the entire trove, totaling about 343 GB.

Data breach tracking website Have I Been Pwned (HIBP) confirmed the data breach and assessed that it leaked customers names, email addresses, genders, dates of birth, and geographic locations.

Have I Been Pwned said the stolen Under Armour dataset included names, email addresses, genders, dates of birth, and customers’ approximate location based on postcode or ZIP code. The data also included purchase information, such as product IDs, prices, quantities, store preferences, and marketing campaign logs. Together, this can be used by cybercriminals for shopping scams and phishing.

Under Armour is now facing a class action lawsuit for its alleged negligent handling of personal information and the November 2025 data breach.

Read more about it here.

Claims administration and risk management giant Sedgwick disclosed a cybersecurity incident at its federal contractor subsidiary, Sedgwick Government Solutions, on January 4, 2026. The company made the disclosure after the TridentLocker ransomware gang publicly claimed responsibility for stealing 3.4 GB of sensitive data.

The list of federal agencies using Sedgwick Government Solutions’ services includes the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Commerce, the United States Citizenship and Immigration Services (USCIS), the United States Coast Guard, the Department of Homeland Security (DHS), the U.S. Department of Labor, the Customs and Border Protection (CBP), the Transportation Security Administration (TSA), the Federal Emergency Management Agency (FEMA), and the U.S. Coast Guard.

Sedgwick responded to the incident by immediately activating its incident response protocols with the support of external cybersecurity experts. The company added that Sedgwick Government Solutions is segmented from the rest of its business, and no wider Sedgwick systems or data were affected.

Sedgwick employs 33,000 employees and serves 10,000 clients across 80 countries, including 59% of the Fortune 500, and its subsidiary serves over 20+ government agency clients.

Read more about it here.

British luxury car maker Jaguar Land Rover has reported devastating preliminary 2025 fourth quarter results as a result of crippling cyberattack.

Wholesale sales in the last quarter of 2025 were 59,200 units, down 43.3% vs. the last quarter of 2024.
Retail sales in the last quarter of 2025 were 79,600 units, down 25.1% vs. the last quarter of 2024.

The September 2, 2025 cyberattack forced the car maker to send staff home and shut down production. In a follow-up statement, the company also confirmed that data had been stolen during the cyberattack, which was later claimed by the Scattered Lapsus$ Hunters cybercrime collective made out of cybercriminal groups.

JLR got £1.5 billion in financial support from the UK government to aid its recovery and help companies in the supply chain as JLR struggled to bring its invoicing system online.

Read more about it here.