Sportswear and fitness brand Under Armour is investigating claims of a massive data breach after customer records were posted on a hacker forum. 

The breach became widely known after millions of people received alerts warning their information may have been compromised. While Under Armour says its investigation is ongoing, cybersecurity researchers reviewing the leaked data say it appears to include personal details potentially linked to customer purchases.

According to breach notification service Have I Been Pwned, the dataset contains email addresses linked to approximately 72 million people, prompting the organization to notify affected users directly. The scale of the exposure has raised new concerns about how consumer data can be misused long after a breach occurs.

Sign up for my FREE CyberGuy Report 
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

THIRD-PARTY BREACH EXPOSES CHATGPT ACCOUNT DETAILS  

What happened in the Under Armour data breach

The stolen data is reportedly linked to a ransomware attack that occurred in November 2025. At the time, the Everest ransomware group claimed responsibility and attempted to extort Under Armour by threatening to leak internal files. In January 2026, customer data from that incident appeared publicly on a popular hacking forum. Soon after, breach notification service Have I Been Pwned obtained a copy of the data and alerted affected users by email. According to reports, the seller claimed the stolen files came directly from the November breach and included millions of customer records.

What data was exposed

The leaked dataset reportedly includes a broad range of personal information. While payment card details have not been confirmed, the exposed data is still valuable to cybercriminals.

Compromised information may include:

Researchers also found email addresses belonging to Under Armour employees within the data. That increases the risk of targeted phishing and business email compromise scams.

Under Armour’s response so far

“We are aware of claims that an unauthorized third party obtained certain data,” an Under Armour spokesperson told CyberGuy. “Our investigation of this issue, with the assistance of external cybersecurity experts, is ongoing. Importantly, at this time, there’s no evidence to suggest this issue affected UA.com or systems used to process payments or store customer passwords. Any implication that sensitive personal information of tens of millions of customers has been compromised is unfounded. The security of our systems and data is a top priority for UA, and we take this issue very seriously.”

Why this breach matters

Even without passwords or payment details, this breach still poses serious risks. Names, email addresses, birth dates and purchase history can be used to create highly convincing scams. Cybercriminals often reference real purchases or account details to gain trust. As a result, phishing emails tied to this breach may appear legitimate and urgent. Over time, exposed data like this can also be combined with other breaches to build detailed identity profiles that are harder to protect against.

How to check if your passwords were stolen

To see if your email was affected, visit the Have I Been Pwned website. It is the first and official source for this newly added dataset. Enter your email address to find out if your information appears in the leak. When done, come back here for Step 1 below.

Ways to stay safe after the Under Armour data breach

If you received a breach alert or believe your information may be included, taking action now can reduce your risk later.

1) Change reused passwords and use a password manager

If you reused the same password on other sites, change those passwords right away. Even if Under Armour says passwords were not affected, exposed email addresses are often used in follow-up attacks. A password manager makes this easier. It creates strong, unique passwords for each account and stores them securely. That way, one breach cannot unlock multiple accounts.

Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.

2) Watch for phishing emails tied to Under Armour

Cybercriminals often move fast after a breach. As a result, emails that appear to come from Under Armour or fitness brands may land in your inbox. Be cautious of messages that claim there is an issue with your account or a recent purchase. Do not click links or open attachments in unexpected emails. Instead, go directly to the company’s official website if you need to check your account. Using strong antivirus software can also help block malicious links and attachments before they cause harm.

ILLINOIS DHS DATA BREACH EXPOSES 700K RESIDENTS’ RECORDS

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

3) Turn on two-factor authentication everywhere you can

Two-factor authentication (2FA) adds an extra layer of protection. Even if someone gets your password, they still need a second step to log in. Turn it on for email accounts first. Then enable it for shopping, fitness and financial accounts. This single step can stop many account takeover attempts linked to breached data.

4) Monitor for password reset attempts and account alerts

After a breach, attackers often test stolen email addresses across multiple sites. That activity can trigger password reset emails you did not request. Pay close attention to these alerts. If you see one, secure the account immediately by changing the password and reviewing recent activity.

5) Be skeptical of messages that reference past purchases

This breach included purchase information, which makes scams more convincing. Attackers may reference real products or order details to earn your trust. Treat any message that pressures you to act quickly as suspicious. Legitimate companies do not demand immediate action by email or text.

6) Reduce your exposure with a data removal service

Over time, exposed personal data often ends up with data brokers. These companies collect and sell profiles that scammers use for targeting. A data removal service can help you request the deletion of your information from these databases. Reducing what is publicly available makes it harder for criminals to build detailed profiles.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

Kurt’s key takeaways

The Under Armour data breach is a reminder that even major global brands can become targets. While payment systems appear unaffected, the exposure of personal data still creates long-term risks for millions of customers. Data breaches often unfold over time. What starts as leaked records can later fuel scams, identity theft and targeted attacks. Staying alert now can reduce the chance of bigger problems later.

If your personal shopping or fitness data were exposed in a breach like this, would you keep using the brand or move on to a competitor? Let us know by writing to us at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

Copyright 2026 CyberGuy.com. All rights reserved.  

Apple often promotes the App Store as a secure place to download apps. The company highlights strict reviews and a closed system as key protections for iPhone users. That reputation now faces serious questions.

New research shows that thousands of iOS apps approved by Apple contain hidden security flaws. These flaws can expose user data, cloud storage and even payment systems. 

The issue is not malware; it’s poor security practices baked directly into the app code.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

APPLE WARNS MILLIONS OF IPHONES ARE EXPOSED TO ATTACK

What researchers discovered inside iOS apps

Security researchers at Cybernews, a cybersecurity research firm, analyzed the code of more than 156,000 iPhone apps. That represents about 8% of all apps available worldwide.

Here is what they found:

• Over 815,000 hidden secrets inside app code
• An average of five secrets per app
• 71% of apps leaked at least one secret

These secrets include passwords, API keys and access tokens. Developers place them directly inside apps, where anyone can extract them. According to Cybernews researcher Aras Nazarovas, this makes attackers’ jobs much easier than most users realize.

What are hardcoded secrets in simple terms?

A hardcoded secret is sensitive information saved directly inside an app instead of being protected on a secure server. Think of it like writing your bank PIN on the back of your debit card. Once someone downloads the app, they can inspect its files and pull out those secrets. Attackers do not need special access or advanced hacking tools. Both the Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation warn developers not to do this. Yet it is happening at a massive scale.

Cloud storage leaks exposed huge amounts of data

One of the most serious problems involves cloud storage. More than 78,000 iOS apps contained direct links to cloud storage buckets. These buckets store files such as photos, documents, receipts and backups. In some cases, no password was required at all. Researchers found:

• 836 storage buckets are fully open to the public
• Over 76 billion exposed files
• More than 406 terabytes of leaked data

This data included user uploads, registration details, app logs and private records. Anyone who knew where to look could view or download it.

APPLE PATCHES TWO ZERO-DAY FLAWS USED IN TARGETED ATTACKS

Firebase databases were also left open

Many iOS apps rely on Google Firebase to store user data. Cybernews found more than 51,000 Firebase database links hidden in app code. While some were protected, over 2,200 had no authentication. That exposed:

• Nearly 20 million user records
• Messages, profiles, and activity logs
• Databases that are mostly hosted in the U.S.

If a Firebase database is not locked down, attackers can browse user data like a public website.

Payment and login systems were at risk too

Some of the leaked secrets were far more dangerous than analytics or ads. Researchers discovered secret keys for:

• Stripe, which handles payments and refunds
• JWT authentication systems that control logins
• Order management tools used by shopping apps

A leaked Stripe secret key can allow attackers to issue refunds, move money or access billing details. Leaked login keys can let attackers impersonate users or take over accounts.

AI and social apps were among the worst offenders

Some of the apps with the largest leaks were related to artificial intelligence. According to VX Underground, security firm CovertLabs identified 198 iOS apps leaking user data. The worst known case was Chat & Ask AI by Codeway. Researchers say it exposed chat histories, phone numbers and email addresses tied to millions of users. Another app, YPT – Study Group, reportedly leaked messages, user IDs and access tokens. CovertLabs tracks these incidents in a restricted repository called Firehound. The full list of affected apps has not been publicly released, and researchers say the data is limited to prevent further exposure and to give developers time to fix security flaws.

MALICIOUS GOOGLE CHROME EXTENSIONS HIJACK ACCOUNTS

Why Apple’s App review can miss hidden security risks

Apple reviews apps before they appear in the App Store. However, the review process does not scan app code for hidden secrets. If an app behaves normally during testing, it can pass review even if sensitive keys are buried inside its files. This creates a gap between Apple’s security claims and real-world risks. Removing leaked secrets is not simple for developers. They must revoke old keys, create new ones and rebuild parts of their apps. That can break features and delay updates. Even though Apple says most app updates are reviewed within 24 hours, some updates take weeks. During that time, vulnerable apps can remain available.

CyberGuy contacted Apple for comment, but did not receive a response before publication.

Ways to stay safe right now

You cannot easily inspect an app for hidden secrets. Apple does not provide tools for that. Still, you can reduce your risk and limit exposure by being selective and cautious. These steps help reduce the risk if an app leaks data behind the scenes.

1) Stick to established app developers

Well-known developers tend to have stronger security teams and better update practices. Smaller or unknown apps may rush features to market and overlook security basics. Before downloading, check how long the developer has been active and how often the app is updated.

2) Review and limit app permissions

Many apps ask for more access than they need. Location, contacts, photos and microphone access all increase the risk of data leaks. Go into your iPhone settings and remove permissions that are not essential for the app to work.

3) Delete apps you no longer use

Unused apps still retain access to data you shared in the past. They may also store information on remote servers long after you stop opening them. If you have not used an app in months, remove it. Here’s how: Open Settings, tap General, select iPhone Storage, and scroll through the list of apps to see when each one was last used. Tap any app you no longer need and select Delete App to remove it and reduce ongoing data exposure.

4) Be cautious with personal and financial details

Avoid entering sensitive information unless it is absolutely necessary. This includes full names, addresses, payment details and private conversations. AI apps are especially risky if you share deeply personal content.

5) Use a password manager for every account

A password manager creates strong, unique passwords for each app and service. This prevents attackers from accessing multiple accounts if one app leaks data. Never reuse passwords tied to your email address.

Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.

6) Change passwords tied to exposed apps

If an app uses your email address for login, change that password immediately. Do this even if there is no confirmation of a breach. Attackers often test leaked credentials across other services.

7) Consider using a data removal service

Some leaked data ends up with data brokers that sell personal information online. A data removal service can help find and remove your details from these databases. This reduces the chance that exposed app data gets reused for scams or identity theft.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

8) Monitor your accounts for unusual activity

Watch for unexpected emails, password reset notices, login alerts, or payment confirmations. These can signal that leaked data is already being abused. Act quickly if something looks off.

9) Pause use of risky AI and chat apps

If you use AI apps for private conversations, consider stopping until the developer confirms security fixes. Once data is exposed, it cannot be pulled back. Avoid sharing sensitive details with apps that store conversations remotely.

Kurt’s key takeaways

Apple’s App Store still offers important protections, but this research shows it is not foolproof. Many trusted iPhone apps quietly expose data due to basic security mistakes. Until app reviews improve, you need to stay alert and limit how much data you share.

How many apps on your iPhone have access to information you would not want exposed? Let us know by writing to us at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter. 

Copyright 2026 CyberGuy.com. All rights reserved.