Nike has initiated an internal investigation after a cybercrime group alleged that it had compromised the company’s systems and obtained sensitive data.
The global sportswear manufacturer appeared on January 22 on a Tor-based data leak site run by a threat group known as WorldLeaks. According to a countdown posted on the site, the attackers plan to publicly release the purportedly stolen data on January 24 unless a ransom demand is met.
So far, the group has not disclosed what type of information it claims to have accessed or the volume of data involved. In a statement provided to SecurityWeek, Nike emphasized its commitment to safeguarding customer information. “We take consumer privacy and data protection extremely seriously,” the company said. “We are currently investigating a possible cybersecurity incident and are actively evaluating the situation.”
WorldLeaks surfaced in 2025 after the dismantling of Hunters International, a ransomware operation that had been active since late 2023. Unlike its predecessor, WorldLeaks no longer deploys file-encrypting malware, instead focusing exclusively on data theft and extortion-based attacks.
At present, nearly 120 organizations are listed as alleged victims on the WorldLeaks website. Among them is Dell, which stated in July 2025 that the attackers had accessed only synthetic data or information that was already publicly available.
The reported incident involving Nike follows closely on the heels of another breach disclosure in the retail sector. Apparel company Under Armour recently revealed that it is investigating a data exposure event affecting customers’ email addresses and other personal details.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
