Attackers have leaked 1.4TB of what they claim is Nike data, including nearly 190,000 unique files. The Cybernews research team believes the data could be legitimate.
-
World Leaks ransomware gang leaked about 1.4TB of purported Nike corporate and manufacturing data.
-
Cybernews researchers reviewed samples and say the leaked Nike files appear legitimate, with no customer or employee PII observed.
-
Exposed data includes designs, materials, prices, audits, and product timelines, increasing risks of counterfeits and supply chain disruption.
-
Nike acknowledged the potential incident and is investigating, but has not confirmed the leaked data belongs to the company.
American apparel behemoth Nike was claimed by the World Leaks ransomware cartel last Friday. The countdown clock included in the post ran out on January 24th and, as promised, attackers leaked the data supposedly taken from the company.
Meanwhile, Nike shared a statement with Cybernews, saying it is aware of the situation and is currently investigating its scope.
“We always take consumer privacy and data security very seriously. We are investigating a potential cybersecurity incident and are actively assessing the situation,” Nike said.
The Cybernews research team has investigated the data sample that the attackers shared. According to the team, the samples include a treasure trove of corporate data, such as:
- Garment measurements for products
- Details on materials
- Item retail prices
- Product lifecycle
- Clothing testing reports
- Corporate slides and other materials
- Factory audits
“The one thing that appears to be missing from the data sample is employee or customer data. In this case, the impact of the breach would be limited to loss of competitive advantage, increased risk of counterfeit products, and possible supply-chain disruptions,” our team explained.
While the lack of personally identifiable information (PII) in the dataset may calm users, it’s hardly consoling to Nike itself.
Nearly 1.5TB of corporate and manufacturing data is a gold mine for competitors and counterfeit producers, especially in regions less likely to be covered by international agreements.
Since the leaked data appears to cover the period from 2020 through 2026, counterfeiters could start producing fake Nike products without even waiting for their release.
Companies like Nike pour billions into research and development, and data leaks of this sort can severely hinder the advantage R&D-focused dollars give them. The Nike data leak could signal a major loss of intellectual property for the company.
With the fashion world heavily dependent on novelty, the company may be forced to postpone certain product release dates to manufacture new, unseen Nike products, which could affect the company's financial performance.
However, as of now, Nike has not confirmed that the data that the attackers dumped on the dark web actually belongs to the company.
World Leaks, which claimed Nike on January 23rd, was launched in early 2025 and is widely believed to be a rebrand of the notorious Hunter’s International ransomware cartel.
Since Hunters International was a Russia-linked gang and World Leaks is suspected to mainly consist of former Hunters’ personnel, it’s safe to assume the gang’s new iteration shares a geographic affinity with its predecessor.
Unlike its predecessor, though, World Leaks somewhat departed from typical ransomware practices by threatening to leak stolen data rather than encrypting files on target systems. Security experts believe the gang combines traditional encryption with data leaks and functions as an extortion-as-a-service (EaaS) operation.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked