After WorldLeaks, a financially motivated ransomware group, claimed responsibility for a major data breach affecting the company, sportswear giant Nike is actively looking into a possible cybersecurity incident This article explores incident concerns nike. . On January 22, 2026, the group revealed the breach on its darknet leak site, claiming to have stolen more than 1.4 terabytes of internal data and threatening to make the information public if ransom demands were not fulfilled.
In an official statement, Nike acknowledged being aware of the alleged incident and stated that it is "actively assessing the situation" and takes customer privacy and data security seriously. Nevertheless, the manufacturer of athletic footwear gave very little information about the extent of the breach or whether the attack compromised customer data.
The extent of the purported data exposure WorldLeaks claims that internal company records, customer information, employee credentials, supply chain records, and manufacturing operations archives covering the previous five years are among the exfiltrated data. Based on the group's past attack patterns, industry analysts speculate that the compromised dataset may be several terabytes. According to preliminary reports, there may have been 481,183 compromised user accounts, 220 employee records, and 444 third-party employee credentials.
In January 2025, the now-defunct Hunters International operation underwent a strategic rebranding to become WorldLeaks. In order to facilitate quicker attack execution and lower detection risk, the group uses an extortion-only model, concentrating solely on data theft rather than file encryption.
According to cybersecurity researchers, some WorldLeaks administrators are still connected to the Hive ransomware operation, which was taken down by law enforcement in 2023. WorldLeaks has claimed over 116 victims since its founding, including well-known targets like Dell Technologies, where the group is accused of stealing 1.3 terabytes of data. Learn more about the Hacker Tools guide.
Reports on threat intelligence WordPress security plugin for cyberspace Software for vulnerability scanning Software for endpoint detection and response Network of Zero Trust Obtain solutions Tools for digital forensics VPN services Planning guides for incident response According to intelligence reports, the group usually obtains initial access through unpatched internet-exposed applications, phishing campaigns with malicious attachments, compromised legitimate websites, and VPNs without multi-factor authentication. The retail and sportswear industries continue to be the target of coordinated cyberattacks, as evidenced by this incident.
There are concerns about whether the Nike and Under Armour incidents are related after Under Armour revealed last week that hackers had uploaded millions of customer records on an online forum. Organizations should mandate multi-factor authentication on all remote access points, according to security experts. The incident highlights the ongoing threat posed by highly skilled ransomware groups that target valuable companies with substantial intellectual property holdings.
For daily cybersecurity updates, check out LinkedIn and X. To have your stories featured, get in touch with us.
.webp%3Fw%3D1068%26resize%3D1068%2C0%26ssl%3D1&w=3840&q=75)