Sportswear large Nike is actively investigating a possible cybersecurity incident after WorldLeaks, a financially motivated ransomware group, claimed accountability for a major information breach affecting the corporate.
The group introduced the breach on its darknet leak web site on January 22, 2026, claiming to have exfiltrated over 1.4 terabytes of inner information and threatening to launch the stolen info if ransom calls for weren’t met.
Nike confirmed its consciousness of the alleged incident in an official assertion, noting that it’s “actively assessing the state of affairs” and takes client privateness and information safety severely.
Nonetheless, the athletic footwear producer offered minimal particulars relating to the scope of the breach or whether or not buyer info was compromised within the assault.
Scope of Alleged Information Publicity
In accordance with WorldLeaks’ claims, the exfiltrated information contains inner firm documentation, buyer info, worker credentials, provide chain data, and manufacturing operations archives spanning the previous 5 years.
Trade analysts recommend the compromised dataset might attain a number of terabytes primarily based on the group’s historic assault patterns.
Preliminary stories point out roughly 481,183 compromised consumer accounts, 220 worker data, and 444 third-party worker credentials might have been uncovered.
WorldLeaks emerged in January 2025 as a strategic rebrand of the now-defunct Hunters Worldwide operation.
The group operates utilizing an extortion-only mannequin, focusing completely on information theft relatively than file encryption, enabling quicker assault execution and decreasing detection danger.
Cybersecurity researchers imagine some WorldLeaks directors keep connections to the Hive ransomware operation, which legislation enforcement dismantled in 2023.
Since its formation, WorldLeaks has claimed over 116 victims, together with high-profile targets akin to Dell Applied sciences, the place the group allegedly stole 1.3 terabytes of information.
Intelligence stories point out the group usually positive factors preliminary entry by compromised legit web sites, phishing campaigns with malicious attachments, unpatched internet-exposed functions, and VPNs missing multi-factor authentication.
This incident marks the continuation of coordinated cyberattacks concentrating on the retail and athletic attire sectors.
Final week, Beneath Armour disclosed that hackers had posted thousands and thousands of buyer data on an internet discussion board, elevating questions on whether or not the Nike and Beneath Armour incidents are linked.
Safety consultants advocate that organizations implement necessary multi-factor authentication on all distant entry factors.
The incident underscores the persistent menace posed by subtle ransomware teams concentrating on high-value organizations with important mental property holdings.
Comply with us on Google Information, LinkedIn, and X for each day cybersecurity updates. Contact us to characteristic your tales.
