Nike has launched an investigation into a potential cybersecurity incident after the WorldLeaks cybercrime group claimed it had accessed and exfiltrated data from the company’s systems.
The US-based footwear and apparel major said it was assessing the situation to determine the veracity and scope of the alleged breach. In a statement, the company said it treats consumer privacy and data security as a priority and is actively investigating a possible cybersecurity incident.
WorldLeaks added Nike to its Tor-based leak website on 22nd January and, two days later, claimed to have published around 1.4 terabytes of data comprising more than 188,000 files. The group is known for using data theft as a means of extortion, threatening to publicly release stolen information if targeted organisations do not comply with its demands.
The WorldLeaks group emerged in 2025 following a rebranding of Hunters International, a ransomware operation that had been active since 2023. Amid heightened law enforcement scrutiny, the group is reported to have shifted away from file encryption to focus exclusively on data theft and extortion, and has claimed hundreds of victims across sectors.
The development comes amid heightened scrutiny of cybersecurity practices across the global apparel and retail industry. Under Armour, another US-based sportswear company, has recently been investigating a separate data breach. According to a report by TechCrunch, data relating to about 72 million Under Armour customers was posted online following a breach initially claimed in November by the Everest ransomware group. The incident was later corroborated by Have I Been Pwned, which confirmed the exposure and notified affected users.
Industry experts have said the incidents underline the growing risks faced by consumer-facing brands as cybercriminal groups increasingly target large datasets containing customer information, intellectual property and internal documents.
