Sportswear giant Nike said it was investigating a possible data breach after cybercriminals listed the company on its data breach website.
WorldLeaks criminals recently added Nike to their list of target organizations, claiming to have stolen 1.4TB of internal data, including a sample showing the data was related to design and manufacturing.
Some of the directories shared with the underground community are named “Women’s Sportswear”, “Men’s Sportswear”, “Training Resource – Factory”, and “Apparel Manufacturing Process”. It appears that no customer data or employee personal information was recovered in this breach.
WorldLeaks and Hunters International
In a statement shared with The RegistryNike said it was investigating the incident but did not confirm or deny the claims.
“We always take consumer privacy and data security very seriously,” a spokesperson said. “We are investigating a possible cybersecurity incident and are actively assessing the situation.”
Surprisingly, Nike has no experience dealing with major cyberattacks. Although most large organizations are under constant pressure and many are failing (such as the recent attack on Under Armour), Nike has not publicly confirmed any major and widely reported cyberattacks on its core systems, aside from the WorldLeaks situation.
WorldLeaks is a well-known threat actor whose list of victims includes dozens of well-known organizations such as Dell and Chain IQ. This would be the successor to Hunters International, another world-renowned group that emerged after the death of Hive.
In mid-2025, Hunters International announced that it would cease operations and provide free decryption tools to victims who did not pay. He announced that he would end the project, but some researchers believe this was simply intended to throw authorities off track.
WorldLeaks is a threat actor that does not use any encryption mechanism but simply steals files. This is an emerging trend among ransomware operators because encryption programs are cumbersome and expensive.
