Nike has launched an investigation into a potential cyber attack after a ransomware group claimed it had leaked a huge volume of the sportswear giant’s internal data, raising fresh concerns over corporate cybersecurity risks, Reuters news report said.
Nike said it was assessing a possible data breach after World Leaks, a group known for cyber attacks, alleged it had published around 1.4 terabytes of Nike-related data online. The company did not confirm the nature or scale of the incident.
“We always take consumer privacy and data security very seriously,” Nike said in a statement. “We are investigating a potential cyber security incident and are actively assessing the situation.”
The hacking group claimed the leaked data relates to Nike’s business operations. However, Reuters was unable to independently verify the claim or download the data, and efforts to contact the hackers were unsuccessful.
Limited details as investigation continues
Nike declined to comment on whether any ransom demand was made or paid, or on what types of data may have been accessed. It also remains unclear whether the incident affected information linked to Nike’s wholesale partners, including Dick’s Sporting Goods, Macy’s, and JD Sports.
Dick’s and Macy’s did not immediately respond to requests for comment, while a spokesperson for JD Sports said the company had no immediate comment.
The lack of clarity highlights a common challenge in cyber incidents, where companies often need time to understand the scope of an attack before sharing specifics with the public.
Cyber attacks continue to hit major brands
The reported incident comes as Nike works to regain momentum after losing market share to smaller rivals. The company’s shares were flat in late morning trading on Monday, suggesting investors are waiting for more concrete details.
Data breaches and ransomware attacks have caused widespread disruption across industries in recent years, often resulting in significant financial losses. MGM Resorts International, Clorox, and UnitedHealth Group all suffered major cyber attacks in 2023 and 2024. MGM said its attack led to at least $100 million in damages, while Clorox reported a drop of more than $350 million in quarterly net sales following its breach.
As regulators, investors, and customers place growing emphasis on data protection and governance, cyber security has become a central ESG issue for global companies. The outcome of Nike’s investigation is likely to be closely watched, both for its impact on the brand and for what it signals about the evolving threat landscape facing multinational corporations.
RAJANI BABURAJAN
