Nike probes potential cyber incident after hackers claim data leak

Sportswear giant Nike said it is investigating a potential cybersecurity incident after a hacking group claimed it had leaked a large volume of the company’s internal data.

The company said in a brief statement that it takes consumer privacy and data security seriously and is “actively assessing the situation,” but offered few details about the scope of the alleged breach or whether customer information may have been exposed.

Earlier this week a ransomware group known as WorldLeaks claimed on the dark web that it had leaked more than 1.4 terabytes of data allegedly belonging to Nike. The group said the material includes internal documents, archives from the past five years and information related to the company’s supply chain and manufacturing operations.

The authenticity of the data has not been independently verified, and it remains unclear whether customer data is part of the purported leak. Nike did not say whether it had received ransom demands or whether it was in contact with the attackers. The company did not immediately respond to a request for comment.

WorldLeaks is believed to be a rebranding of the now-defunct Hunters International operation, which shut down last year. Cybersecurity researchers have previously suggested that some administrators behind both groups may have ties to the Hive ransomware operation, a prolific ransomware syndicate dismantled by law enforcement in 2023.

The group has claimed hundreds of victims so far. Earlier in July, it allegedly breached tech manufacturer Dell, though the company said at the time that no sensitive information had been involved.

Nike is the latest sportswear brand to face cyberattack claims. Last week, Under Armour said it was investigating allegations that hackers had posted millions of customer records on an online forum, including names, email addresses and purchase-related data. It was not immediately clear whether the incidents involving Nike and Under Armour were connected.

Daryna Antoniuk is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.