Nike has confirmed that it is investigating a potential cybersecurity incident after claims surfaced online that its internal data may have leaked by a cybercrime group. The same group, known for extortion-driven attacks against other companies, previously claimed the Nike cyberattack on its dark web site.
Nike acknowledged the situation of a potential cybersecurity incident, stating, “We always take consumer privacy and data security very seriously. We are investigating a potential cybersecurity incident and are actively assessing the situation.” The company has not yet disclosed whether the cyberattack on Nike involved customer, employee, or partner data.
Hacker Group Claims the Nike Cyberattack
The allegations stem from a ransomware group known as World Leaks, which claimed on its website that it had published 1.4 terabytes of data allegedly tied to Nike’s business operations. The group did not specify what types of files or information were included in the purported leak.
The Cyber Express reached out to Nike for further details regarding the reported cyberattack on Nike. However, as of the time of writing, the company had not shared any additional updates or clarification about the incident or its potential impact.
World Leaks is an extortion-focused cybercrime group that steals corporate data to pressure victims into paying ransoms, threatening public disclosure if demands are not met. The group emerged in 2025 after rebranding from Hunters International, a ransomware gang active since 2023.
Following increased law enforcement scrutiny, the group reportedly abandoned traditional file-encryption tactics and shifted entirely to data theft and extortion. It has since claimed hundreds of victims.
Potential Partner Impact and Broader Industry Context
It remains unclear whether the alleged Nike data breach affected information belonging to any of Nike’s major wholesale partners. The company works closely with large retailers such as Dick’s Sporting Goods, Macy’s, and JD Sports.
The reported cyberattack on Nike comes as data breaches continue to disrupt major corporations worldwide. High-profile cyber incidents in 2023 and 2024 affected companies, including MGM Resorts International, Clorox, and UnitedHealth Group. MGM disclosed losses of at least $100 million tied to its attack, while Clorox reported a decline of more than $350 million in quarterly net sales following its breach.
The incident also follows similar developments within the sportswear sector. TechCrunch recently reported that Under Armour launched an investigation after 72 million customer email addresses were posted online.
Nike’s Business Challenges Amid Cybersecurity Concerns
According to The Star, Nike has been working to regain its position as the world’s dominant sportswear brand after losing market share to smaller competitors. Against this backdrop, the emergence of a potential Nike cyberattack adds another layer of uncertainty. Despite the reports, Nike’s shares were flat as of late morning on Monday, indicating that investors may be waiting for verified details before reacting.
As investigations continue, it remains uncertain whether the alleged Nike data breach will be confirmed or what consequences may follow. Nike has stated only that it is actively assessing the situation, and further information is expected as the inquiry progresses and claims related to the cyberattack on Nike are independently evaluated.
This is an ongoing story, and The Cyber Express will be closely monitoring the situation. We will update this post once we have more information on the Nike cyberattack or any additional information from the company.