NEW YORK, Jan 26, 2026, 14:41 EST
- Nike announced it is looking into a possible cybersecurity breach following claims from a group that it leaked company data
- The group claimed to have leaked 1.4 terabytes of Nike files online; Reuters has not verified this claim
- Cybernews reported that after examining the samples, their researchers found no customer or employee personal data
Nike announced Monday it’s probing a potential data breach after a group named World Leaks claimed to have leaked 1.4 terabytes of data linked to the company’s operations. (Reuters)
This claim hits Nike at a tough time, as the company struggles to regain ground against smaller sportswear competitors and protect its product pipeline. Even without customer data being compromised, a leak revealing internal designs or manufacturing secrets can cause serious problems.
This also highlights a shift among extortion groups, who are relying less on traditional ransomware that locks down systems for ransom, and more on stealing data to threaten its release as a form of pressure.
Nike hasn’t disclosed what information was stolen or how the breach occurred. The company also refused to comment on whether any ransom was requested or paid.
World Leaks claimed it had uploaded the data to its site, but Reuters was unable to download the files or confirm the claim right away, and attempts to reach the hackers failed.
The Register uncovered a listing claiming the theft of 188,347 files, mostly tied to design and manufacturing workflows—not customer data. Among the folders were ones labeled “Women’s Sportswear” and “Garment Making Process.” (The Register)
Cybernews reported that its research team analyzed the samples and found the files to be legitimate. The company noted it did not find any customer or employee personally identifiable information—like names or email addresses—in the data it reviewed. (Cybernews)
The big unknown is what more might be in the dump. Product specs, factory audits, and internal presentations remain out there, potentially revealing pricing, timelines, and supplier practices. If the data checks out, it could be a goldmine for counterfeiters.
Nike said it is “actively assessing the situation.” JD Sports had no immediate comment, according to Reuters, and neither Dick’s Sporting Goods nor Macy’s responded right away to requests for comment.
SecurityWeek revealed that the group put Nike on a Tor-based leak site—Tor being software that hides a user’s location—alongside a countdown linked to a threatened data dump if a ransom wasn’t paid. (SecurityWeek)
Shares of Nike remained unchanged late Monday morning, Reuters reports.
If personal data gets caught up in the breach, the stakes shoot up quickly: mandatory breach notifications, possible investigations from regulators, and drawn-out lawsuits. A leak involving just “corporate files” can still hurt, though the damage hinges on the archive’s contents and Nike’s ability to control any misuse that follows.
