Under Armour prioritized its $5.2 billion annual revenue while failing to implement basic security measures for its customers’ sensitive personal information. In November 2025, a ransomware group successfully seized 343 gigabytes of internal company and customer data, including names, email addresses, and phone numbers. Under Armour stored this sensitive data in a readable format without encryption, directly violating industry standards and its own safety promises. Millions of people now face a lifelong threat of identity theft because a multi-billion dollar corporation chose profit-maximization over data safety.
This extremely recent security failure at Under Armour highlights the devastating human cost of corporate greed in a global economy that treats personal data as a disposable commodity. While the company generated $5.2 billion in revenue for the 2025 fiscal year, it simultaneously maintained computer systems that were fundamentally inadequate for protecting the private information of millions of users.
This breach allowed the criminal group known as Everest to steal a massive trove of files, which were subsequently leaked on the dark web for sale to the highest bidder.
Profit Over Privacy
Under Armour required its customers and employees to hand over sensitive, non-public information as a condition of using its services. Once the company possessed this data, it assumed a legal duty to safeguard it from intruders. The evidence indicates that they failed to use basic protective tools such as encryption or redaction, which would have made the stolen files unreadable to criminals. By keeping this information in a “clear text” format, the company essentially left the digital doors unlocked for hackers.
| Event Timeline | Occurrence |
| Fiscal Year 2025 | Under Armour reports $5.2 billion in total revenue. |
| November 17, 2025 | Unauthorized hackers from the Everest group gain access to unsecured systems. |
| November 17-24, 2025 | Everest group steals 343 GB of internal company data and personal user records. |
| November 18, 2025 | The criminal group publishes sample data on the dark web and issues a 7-day ransom demand. |
| November 24, 2025 | Legal action is filed on behalf of millions of affected individuals. |
The Structural Failures of Neoliberal Capitalism
The situation at Under Armour is a textbook example of how modern capitalism encourages companies to externalize risks onto the public.
Under the eternal logic of profit-maximization, spending money on “unproductive” departments like cybersecurity is often viewed as an unnecessary expense that reduces shareholder value. Companies operating in this environment frequently choose the “lean” model, doing just enough to appear compliant while leaving actual safety measures neglected.
In a late-stage economic system defined by deregulation and regulatory capture, corporations often treat potential legal fines as a mere “cost of doing business” rather than a deterrent. When Under Armour makes $5.2 billion in a single year, the incentive to invest in high-level encryption is weakened by the knowledge that the legal consequences for a breach are often minor compared to the cost of maintaining top-tier security infrastructure.
Economic Fallout and Community Impact
The victims of this security failure are now burdened with the lifelong responsibility of monitoring their personal records.
This represents a massive transfer of labor from the corporation to the individual. Thousands of people must now spend their personal time and money to mitigate a crisis they did not create. The loss of time spent contacting credit bureaus, freezing accounts, and researching identity theft represents a significant economic drain on the average American household.
Meowover, the theft of this data diminishes its market value for the individuals who actually own it.
Personal information is a valuable asset in the modern economy, and by allowing it to be stolen and leaked, Under Armour has effectively destroyed the “property value” of its customers’ identities. Pure thievery!!
Corporate Accountability and the PR Machine
Under Armour has historically made public promises through its privacy policies, claiming to implement “appropriate technical and organizational safeguards.”
But those are all lies!
The reality of the breach suggests these statements were part of a corporate branding strategy rather than a reflection of actual practice. This gap between public messaging and private negligence is a hallmark of late-stage capitalism, where the appearance of ethical conduct is often prioritized over the substance of it.
This lawsuit is a legitimate and necessary challenge to systemic corporate negligence. The harm to the public is well-documented, involving the actual theft of massive amounts of data and a clear failure to follow industry-standard safety protocols.
💡 Explore Corporate Misconduct by Category
Corporations harm people every day — from wage theft to pollution. Learn more by exploring key areas of injustice.
- 💀 Product Safety Violations — When companies risk lives for profit.
- 🌿 Environmental Violations — Pollution, ecological collapse, and unchecked greed.
- 💼 Labor Exploitation — Wage theft, worker abuse, and unsafe conditions.
- 🛡️ Data Breaches & Privacy Abuses — Misuse and mishandling of personal information.
- 💵 Financial Fraud & Corruption — Lies, scams, and executive impunity.
