Nike Probes Reported Cyber Attack After Ransomware Group Claims Data Theft

Sportswear giant Nike said it is investigating a potential data security incident after a hacking group claimed it breached the company’s internal network and stole confidential information.

 

Recently, the World Leaks ransomware group claimed to have breached Nike’s infrastructure and listed the company as a victim on its data leak site. While the group provided minimal information to support its claim and shared no evidence of the alleged hack or any ransom demand, the leak post has already been viewed multiple times on the dark web.

 

 

Also, according to the World Leaks post, the group intends to publish the stolen data within the next couple of days.

 

Acknowledging reports of the data security incident, a Nike spokesperson told Cyber Daily that the company has launched an investigation to determine the authenticity of the threat actor’s claims. 

 

“We always take consumer privacy and data security very seriously. We are investigating a potential cyber security incident and are actively assessing the situation,” the spokesperson said.

 

World Leaks is a cyber extortion group that emerged as a rebrand of the former ransomware operation Hunters International. Since rebranding, World Leaks has claimed responsibility for over 100 breaches worldwide. 

 

One notable incident involved a breach of Dell Technologies’ Customer Solution Centers in June 2024. Although Dell stated that no sensitive customer or corporate data was compromised, World Leaks claimed to have stolen 1.3 terabytes of data, including IT deployment files and internal provisioning scripts, some containing internal-use passwords. The affected environment was non-production and isolated, containing mostly synthetic and public data.

 

World Leaks affiliates have also been linked to attacks exploiting vulnerabilities in end-of-life SonicWall SMA 100 devices, where attackers deployed a custom rootkit called OVERSTEP. Over 20% of World Leaks’ listed victims reportedly used these vulnerable devices.

 

Overall, World Leaks represents a shift in ransomware group tactics, focusing more on data theft and extortion rather than traditional ransomware encryption, reflecting changes in the cybercrime landscape.