Nike Investigates Reported Ransomware Attack Amid Data Leak Threats
Nike is actively investigating a potential cybersecurity incident following claims by the hacking group World Leaks that it had stolen company data. The group threatened to publish the data within 48 hours unless a ransom demand was met, though specifics of the stolen information remain unclear.
This follows a 2023 ransomware attack on Nike, where another group exfiltrated customer data including names, email addresses, genders, dates of birth, and purchase details later reported by TechCrunch. The latest incident suggests a possible pattern of targeting by ransomware actors.
Nike, headquartered in Beaverton, Oregon, confirmed the investigation in a statement on August 1, 2024, emphasizing its commitment to consumer privacy and data security. No further details on the scope or impact of the breach have been disclosed.
The incident adds to a growing trend of high-profile ransomware attacks on major brands, with Under Armour also recently targeted. Authorities and cybersecurity experts continue to monitor the situation.
Source: https://www.oregonlive.com/business/2026/01/nike-investigating-a-reported-ransomware-attack.html
Nike cybersecurity rating report: https://www.rankiteo.com/company/nike
Thunderbird School of Global Management cybersecurity rating report: https://www.rankiteo.com/company/thunderbird
"id": "NIKTHU1769228891",
"linkid": "nike, thunderbird",
"type": "Ransomware",
"date": "6/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Apparel/Footwear',
'location': 'Beaverton, Oregon, USA',
'name': 'Nike',
'type': 'Corporation'}],
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': 'Names, email '
'addresses, genders, '
'dates of birth, '
'purchase details',
'sensitivity_of_data': 'Personally Identifiable Information '
'(PII)',
'type_of_data_compromised': 'Customer data'},
'date_detected': '2024-08-01',
'date_publicly_disclosed': '2024-08-01',
'description': 'Nike is actively investigating a potential cybersecurity '
'incident following claims by the hacking group World Leaks '
'that it had stolen company data. The group threatened to '
'publish the data within 48 hours unless a ransom demand was '
'met. This follows a 2023 ransomware attack on Nike where '
'customer data was exfiltrated.',
'impact': {'data_compromised': 'Customer data (names, email addresses, '
'genders, dates of birth, purchase details)',
'identity_theft_risk': 'High'},
'investigation_status': 'Ongoing',
'motivation': 'Extortion',
'ransomware': {'data_exfiltration': 'Yes',
'ransom_demanded': 'Yes (unspecified amount)'},
'references': [{'source': 'TechCrunch'}],
'response': {'communication_strategy': 'Public statement emphasizing '
'commitment to consumer privacy and '
'data security',
'incident_response_plan_activated': 'Confirmed investigation'},
'threat_actor': 'World Leaks',
'title': 'Nike Investigates Reported Ransomware Attack Amid Data Leak Threats',
'type': 'Ransomware'}