Nike, Adidas and Under Armour: Nike and Under Armour’s Potential Ransomware Attacks: What to Know

Nike and Under Armour Hit by Ransomware Attacks as Cyber Threats Target Major Brands

Nike and Under Armour have become the latest high-profile victims of ransomware attacks, with cybercriminals leveraging extortion tactics to demand payments. The incidents highlight the growing threat to global apparel brands, following similar breaches at Adidas and The North Face last year.

Nike is currently investigating a potential cybersecurity incident after the ransomware group WorldLeaks claimed responsibility, threatening to release stolen data by 6 p.m. Saturday unless a ransom is paid. While the full scope of compromised data remains unclear, ransomware attacks typically involve customer details such as names, emails, and birthdates. Nike confirmed it is actively assessing the situation, stating, “We always take consumer privacy and data security very seriously.”

Under Armour, meanwhile, disclosed a breach that occurred in November 2023, with the ransomware gang Everest taking credit. Initial reports suggested 72 million email addresses were exposed, but a source close to the investigation disputed this, indicating only a “fraction” of that number was compromised. Under Armour confirmed the breach but emphasized that its e-commerce platform (UA.com) and payment systems remain unaffected. The company is working with external cybersecurity experts to determine the full impact.

These attacks follow a pattern of escalating cyber threats against major fashion and apparel brands. Last year, Adidas confirmed a breach via a third-party customer service provider, exposing consumer contact details but no financial data. The North Face also faced a credential-stuffing attack, though payment information remained secure. International brands, including Dior, Harrods, Kering, and Marks & Spencer, have also been targeted in recent years.

As ransomware groups continue to pressure victims with public leaks and countdown threats, the incidents underscore the persistent risks to corporate data security in the retail sector.

Source: https://wwd.com/footwear-news/shoe-industry-news/nike-under-armour-shoe-firms-ransomware-attacks-cyber-1238498941/

Nike cybersecurity rating report: https://www.rankiteo.com/company/nike

adidas cybersecurity rating report: https://www.rankiteo.com/company/adidas

Under Armour cybersecurity rating report: https://www.rankiteo.com/company/under-armour

"id": "NIKADIUND1769229125",
"linkid": "nike, adidas, under-armour",
"type": "Ransomware",
"date": "11/2023",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'industry': 'Apparel',
                        'name': 'Nike',
                        'type': 'Corporation'},
                       {'customers_affected': 'Fraction of 72 million (email '
                                              'addresses)',
                        'industry': 'Apparel',
                        'name': 'Under Armour',
                        'type': 'Corporation'},
                       {'customers_affected': 'Consumer contact details '
                                              'exposed',
                        'industry': 'Apparel',
                        'name': 'Adidas',
                        'type': 'Corporation'},
                       {'industry': 'Apparel',
                        'name': 'The North Face',
                        'type': 'Corporation'}],
 'customer_advisories': "Nike: 'We always take consumer privacy and data "
                        "security very seriously.' Under Armour: Confirmed "
                        'breach but emphasized UA.com and payment systems '
                        'remain unaffected.',
 'data_breach': {'data_exfiltration': 'Threatened by WorldLeaks (Nike)',
                 'number_of_records_exposed': '72 million (disputed, likely a '
                                              'fraction)',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'Personally identifiable information',
                 'type_of_data_compromised': ['Customer details (names, '
                                              'emails, birthdates)',
                                              'Email addresses']},
 'description': 'Nike and Under Armour have become the latest high-profile '
                'victims of ransomware attacks, with cybercriminals leveraging '
                'extortion tactics to demand payments. The incidents highlight '
                'the growing threat to global apparel brands, following '
                'similar breaches at Adidas and The North Face last year.',
 'impact': {'data_compromised': 'Customer details such as names, emails, and '
                                'birthdates (Nike); email addresses (Under '
                                'Armour)',
            'payment_information_risk': 'None (Under Armour)'},
 'investigation_status': 'Ongoing (Nike); Under Armour assessing impact',
 'motivation': 'Extortion',
 'ransomware': {'data_exfiltration': 'Threatened by WorldLeaks (Nike)'},
 'references': [{'source': 'Cyber Incident Description'}],
 'response': {'third_party_assistance': 'Under Armour is working with external '
                                        'cybersecurity experts'},
 'threat_actor': ['WorldLeaks', 'Everest'],
 'title': 'Nike and Under Armour Hit by Ransomware Attacks',
 'type': 'Ransomware'}