NIKE is investigating a potential data breach after WorldLeaks claimed it exfiltrated more than 1.4TB of Nike data and published it on its leak site. In a post on X, threat intelligence organisation JustaBreach reported the leak of 188,347 files allegedly stolen from Nike’s internal systems, with Nike confirming it is examining whether an incident occurred.
WorldLeaks emerged as the extortion-focused group that claims to have added Nike to its leak site earlier this week after a ransom deadline around 25 January at about 6pm GMT, calling the leak a “full-on data dump”. The trove reportedly spans archives from 2020 through 2026 and includes assets from Nike’s R&D and product creation teams, such as technical packs, BoMs, prototypes, schematics, and design files, as well as internal business documents and partnerships, according to JustaBreach.
JustaBreach described the incident as a wake-up call for large brands relying on third-party software and vulnerable supply chains, with analysts noting the data exposure could threaten Nike’s privacy and competitive position. Nike emphasised it is actively assessing the situation and taking steps as part of its investigation.