Nike Investigating Mega Security Breach as Hackers Steal 1.4TB of Data
Nike investigating mega security breach as hackers claim to have stolen 1.4TB of data. Sportswear giant Nike says it is investigating a potential data breach, after cybercriminals listed the company on their data leak site.
Threat actors going by WorldLeaks recently added Nike to their list of breached organizations, claiming to have stolen 1.4TB of internal data, including a sample to show the data relates to design and manufacturing.
- WorldLeaks claims 1.4TB Nike design and manufacturing data stolen
- Nike investigates breach, says no customer or employee PII exposed
- WorldLeaks, successor to Hunters International, focuses on file theft over encryption
Some of the directories shared with the underground community are named “Women’s Sportswear,” “Men’s Sportswear,” “Training Resource – Factory,” and “Garment Making Process”. It appears that customer data, or employee PII was not nabbed in this breach.
In a statement shared with The Register, Nike said it was looking into the incident, but did not confirm, or deny, the claims.
“We always take consumer privacy and data security very seriously,” a spokesperson said. “We are investigating a potential cybersecurity incident and are actively assessing the situation.”
Surprisingly, Nike does not have experience with major cyberattacks. Even though most large organizations are under constant pressure, and many succumbed (such as the recent attack against Under Armour, for example), Nike hasn’t publicly confirmed any major, widely reported cyberattack on its core systems, aside from the WorldLeaks situation.
WorldLeaks is a well-known threat actor, whose victim list spans dozens of high-profile organizations, such as Dell, or Chain IQ. Allegedly, it is the successor of Hunters International, another globally recognized group that emerged after the death of Hive.
In mid-2025, Hunters International announced it was shutting down its operation and releasing free decryption tools for victims who hadn’t paid. It said it would close the project altogether, but some researchers believe this was just done to throw law enforcement off their trail.
WorldLeaks is a threat actor that does not deploy the encryptor, but rather just steals files. It is an emerging trend among ransomware operators, given the cumbersome and expensive nature of encryptors.