Nike Targeted in Alleged Ransomware Attack by WorldLeaks Group
Global sportswear giant Nike is facing an alleged cyberattack by the ransomware group WorldLeaks, which has publicly claimed responsibility for the breach. The group announced on its leak site that stolen data will be released this Saturday at 6 p.m., escalating pressure on the company as part of an aggressive extortion campaign.
WorldLeaks, known for its high-profile enterprise targeting, typically publishes victim announcements to coerce ransom payments. As of now, Nike has not issued a public confirmation of the intrusion, and independent verification from security researchers remains unavailable. The exact scope of the stolen data is unconfirmed, though WorldLeaks claims to have exfiltrated a substantial volume of internal information potentially ranging from hundreds of gigabytes to multiple terabytes.
Historically, ransomware groups like WorldLeaks gain initial access through compromised VPN credentials, exploited vulnerabilities in internet-facing applications, or spear-phishing campaigns. Once inside, attackers move laterally to identify and exfiltrate high-value data before deploying encryption. The stolen material may include corporate documents, employee records, customer databases, supplier communications, contracts, and HR data.
If the data is published, the fallout could be significant. Exposed employee records may lead to phishing and identity fraud, while leaked customer and partner information could enable social engineering attacks and supply chain compromises. Strategic document disclosures may also undermine competitive positioning and reveal sensitive business operations.
Security teams are expected to analyze any released data to verify authenticity, assess breach scope, and evaluate downstream risks for connected organizations. The incident underscores the growing threat of data-extortion ransomware attacks targeting major enterprises.
Source: https://cyberpress.org/nike-allegedly-breached-by-worldleaks-ransomware-group-in-major-cyberattack/
Nike cybersecurity rating report: https://www.rankiteo.com/company/nike
"id": "NIK1769167310",
"linkid": "nike",
"type": "Ransomware",
"date": "1/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Sportswear',
'location': 'Global',
'name': 'Nike',
'type': 'Corporation'}],
'attack_vector': ['Compromised VPN credentials',
'Exploited vulnerabilities in internet-facing applications',
'Spear-phishing campaigns'],
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Corporate documents',
'Employee records',
'Customer databases',
'Supplier communications',
'Contracts',
'HR data']},
'description': 'Global sportswear giant Nike is facing an alleged cyberattack '
'by the ransomware group WorldLeaks, which has publicly '
'claimed responsibility for the breach. The group announced on '
'its leak site that stolen data will be released this Saturday '
'at 6 p.m., escalating pressure on the company as part of an '
'aggressive extortion campaign.',
'impact': {'brand_reputation_impact': 'Potential undermining of competitive '
'positioning and sensitive business '
'operations disclosure',
'data_compromised': 'Substantial volume of internal information '
'(hundreds of gigabytes to multiple terabytes)',
'identity_theft_risk': 'Possible phishing and identity fraud from '
'exposed employee records'},
'investigation_status': 'Ongoing',
'motivation': 'Extortion',
'ransomware': {'data_exfiltration': True},
'references': [{'source': 'WorldLeaks leak site'}],
'threat_actor': 'WorldLeaks',
'title': 'Nike Targeted in Alleged Ransomware Attack by WorldLeaks Group',
'type': 'Ransomware'}