Nike is investigating a potential data breach after the WorldLeaks extortion group claims to have leaked 1.4 terabytes of internal corporate data.

Continue reading
Nike has confirmed that it is investigating a possible data breach after a well-known cybercrime group claimed to have stolen and publicly leaked around 1.4 terabytes of internal data tied to the sportswear giant’s business operations. The company acknowledged the situation but stopped short of confirming the full extent of the breach or whether any ransom demand was met.
The dark web extortion gang known as WorldLeaks added Nike to its victim list earlier this month, posting a trove of files that it says came from the company’s internal systems. According to threat intelligence reports, the group listed approximately 188,000 files related to corporate workflows and then later removed the listing, fueling speculation that negotiations may be underway or a ransom has been paid.
WorldLeaks is considered a rebrand of the Hunters International ransomware crew, which shifted away from encrypting systems toward pure data theft and extortion. This shift reflects broader trends in cybercrime,in which stolen data is leveraged to exertr maximum reputational and financial pressure on targets.
In a brief statement, Nike said it takes consumer privacy and data security seriously and is actively assessing whether an incident occurred. The company has not disclosed which systems were accessed, whether any customer or employee personal data was involved, or if a ransom was paid to remove the leak from the gang’s site.
Analysts note that design and internal operations files can be just as damaging as customer data breaches. Exposure of product schematics, supply chain documents, and proprietary workflows could undermine competitive advantage or invite counterfeiting and intellectual property theft, even if consumer financial information is untouched.
Unverified reports suggest the leaked datasets may include internal product development documents, manufacturing workflows, strategic plans, and training resources. If confirmed, these files could offer deep insight into Nike’s business processes.
At this stage, there’s no public confirmation that customer payment data or personal information was exposed. That distinction matters for regulatory reporting obligations in regions like the US and Europe, though internal corporate data leaks still pose serious threats to a brand’s market position and partner relationships.
Nike’s probe comes amid a surge in high-profile corporate cyber incidents. Other major brands, including Under Armour, have disclosed breaches affecting millions of customer records. Ransomware and extortion groups continue to adapt, with some moving away from file encryption toward public data leaks as leverage.
Nike’s investigation remains active. The company has said it will update stakeholders once it verifies the situation and assesses impacts. Investors have shown muted reactions so far, with Nike’s share price largely stable, indicating markets are waiting for confirmed details before pricing in any potential fallout.

U.S. Army recruiting pages hijacked to display fake 404 errors reading ‘Kurdistan’, exploiting a third-party tool and exposing .mil web security gaps.