Nike has confirmed it is investigating a potential cybersecurity incident after ransomware group World Leaks reportedly exposed approximately 1.4 terabytes of corporate data.
Researchers at Cybernews found that within the 190,000 files leaked, the data includes garment measurements for products, details on materials, retail prices, product lifecycle information, clothing testing reports, corporate slides, and factory audits.
The disclosure first emerged when cybersecurity analysts discovered Nike’s name appearing on World Leaks’ dark web portal on January 23rd, with the group following through on its threat by publishing the data after a countdown timer expired on January 24th.
In a statement to media outlets, Nike acknowledged the situation: “We always take consumer privacy and data security very seriously. We are investigating a potential cybersecurity incident and are actively assessing the situation.”
The company has not yet confirmed whether the leaked data belongs to them, though the Cybernews research team concluded that the files appear legitimate. Notably, there is no personally identifiable information within the files.
“In this case, the impact of the breach would be limited to loss of competitive advantage, increased risk of counterfeit products, and possible supply-chain disruptions,” the Cybernews team explained.
Researchers also discovered that the information spans through 2026, meaning counterfeiters could begin producing fake Nike products before they even reach official release.
Who are World Leaks?
World Leaks launched in early 2025 and is believed to be a rebrand of the Hunters International ransomware group. Since Hunters International maintained Russia-linked operations, security experts assume the group has similar geographic ties.
Separately from its predecessor, World Leaks does not encrypt files and demand payment for decryption keys, but primarily threatens to leak stolen data. Security researchers believe it operates as an “extortion-as-a-service” platform.