Nike has launched an investigation after a cybercrime group claimed to have stolen data from its systems.
The athletic footwear and apparel giant was listed as a victim on the Tor-based leak website operated by the WorldLeaks gang on January 22, and a timer indicates that the stolen data will be made public on January 24, unless a ransom is paid.
The cybercriminals have not specified how much or what type of data they allegedly stole from Nike.
“We always take consumer privacy and data security very seriously,” Nike told SecurityWeek. “We are investigating a potential cyber security incident and are actively assessing the situation.”
WorldLeaks emerged in 2025 following the shutdown of Hunters International, a ransomware group active since late 2023. With the transition to WorldLeaks, the cybercriminals stopped using file-encrypting malware and have concentrated entirely on data theft and extortion.
At the time of writing, the WorldLeaks website names nearly 120 alleged victims. One of them is Dell, which in July 2025 said the hackers had only stolen synthetic or publicly available information.
News of a potential intrusion at Nike comes shortly after clothing retailer Under Armour announced that it’s investigating a data breach involving customers’ email addresses and other personal information.
Related: Analysis of 6 Billion Passwords Shows Stagnant User Behavior
Related: 42,000 Impacted by Ingram Micro Ransomware Attack
Related: 750,000 Impacted by Data Breach at Canadian Investment Watchdog
Related: Central Maine Healthcare Data Breach Impacts 145,000 Individuals
