Nike, the American apparel behemoth, may have suffered a data breach. A prominent cybercriminal gang claims it has hacked the company and is threatening to release stolen data to the public.
The World Leaks gang posted Nike on its dark web leak site, used to showcase its latest victims. It’s a common tactic ransomware gangs employ, hoping to coax victims into meeting their ransom demand over fears of public exposure.
At the time of writing, attackers were scant on details. They did not disclose how much data may have been syphoned or provide any data samples to support the Nike data breach claims.
The post claiming Nike as a victim includes a countdown clock set to end on January 24th. Ransomware gangs use this tool to create a sense of urgency and as a scare tactic against victim organizations.
Meanwhile, Nike shared a statement with Cybernews, saying it is aware of the situation and is currently investigating its scope.
“We always take consumer privacy and data security very seriously. We are investigating a potential cybersecurity incident and are actively assessing the situation,” Nike said.
More about the leaked data and our teams' conclusions regarding it's legitimacy can be found here.
Who’s behind World Leaks?
The gang was launched in early 2025 and is widely believed to be a rebrand of the notorious Hunter’s International ransomware cartel. The gang departed somewhat from typical ransomware practices by threatening to leak stolen data rather than encrypting files on target systems.
However, according to researchers at Halycon, that gang combines traditional encryption with data leaks and functions as an extortion-as-a-service (EaaS) operation. Since there is significant overlap between Hunter’s International and World Leaks, the gang is very likely to be Russia-linked.
While the gang victimized numerous organizations over the last year, some of its activities lack credibility. For example, last July, the gang bragged about breaching US tech giant Dell, infiltrating its Customer Solution Centers platform.
Meanwhile, the company acknowledged a data breach, but added that the data attackers took was useless, as World Leaks accessed an environment designed to demonstrate our products and test proofs-of-concept for Dell’s commercial customers.
Ransomware operators are continuously targeting large brands, with US hotel giant Hyatt, Apple’s key partner in assembling iPhones, and McDonald’s India claimed just days apart.
Updated on January 26th [09:00 a.m. GMT] with a statement from Nike.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked