Nike confirmed it is investigating a potential cybersecurity incident after extortion crew WorldLeaks claimed to have stolen 1.4 terabytes containing 188,347 files from the sportswear giant’s systems and posted samples on its leak site. The published data features filenames pointing toward design and manufacturing workflows rather than customer databases, with directories labeled “Women’s Sportswear,” “Men’s Sportswear,” “Training Resource – Factory,” and “Garment Making Process,” suggesting the alleged haul centers on product development and production processes. Nike declined to validate the criminals’ claims or specify what data was stolen and whether the company plans to pay a ransom demand, stating only that it takes consumer privacy and data security seriously and is actively assessing the situation.
There is currently nothing to suggest customer or employee records were involved in the breach, which keeps regulators at arm’s length for now, though design files, factory training notes, and process documentation represent internal operational intelligence that companies typically seek to protect from unauthorised access.
WorldLeaks is reported to be a rebrand of Hunters International, a ransomware gang active since 2023 that has shifted away from traditional ransomware encryption tactics to focus exclusively on data exfiltration and extortion through threatened leaks, reflecting broader industry changes as police pressure increases and fewer companies pay for decryption keys.