Nike Allegedly Breached by WorldLeaks Ransomware Group in Major Cyberattack

Global sportswear manufacturer Nike faces an alleged cyberattack from WorldLeaks, a ransomware group that has publicly claimed responsibility for the breach on its leak site.

According to the group’s announcement, stolen data is scheduled for release this Saturday at 6 p.m., marking an escalation in what security researchers characterize as an increasingly aggressive extortion campaign targeting enterprise organizations.

Sponsored

class="wp-block-heading" id="attack-claims-and-initial-response">Attack Claims and Initial Response

The WorldLeaks ransomware group posted the claim on its operational leak site, where it typically announces victims and schedules data releases to pressure organizations into ransom payment.

https://twitter.com/seblatombe/status/2014417495982031289?ref_src=twsrc%5Etfw

As of the current date, Nike has not issued a detailed public statement confirming the intrusion, nor has independent technical verification been published by security researchers or incident response firms.

The exact scope and composition of exfiltrated data remain unconfirmed, though WorldLeaks claims to have obtained a substantial volume of internal Nike information.

Based on historical analysis of WikiLeaks operations, security analysts estimate the stolen dataset could range from several hundred gigabytes to multiple terabytes of sensitive material.

Ransomware groups employing WikiLeaks’ operational model typically gain initial network access through one of three primary vectors: compromised VPN credentials, exploited vulnerabilities in internet-facing applications, or spear-phishing campaigns targeting employees and business partners.

Once inside the perimeter, threat actors execute lateral movement to identify and exfiltrate high-value data before deploying encryption payloads.

The exfiltration phase typically involves data aggregation, compression, and upload to attacker-controlled servers.

This approach allows criminals to maintain extortion leverage independent of encryption success. Data theft alone provides sufficient pressure for ransom demands.

While specific contents remain unclear, typical datasets harvested in enterprise breaches of this scale include internal corporate documentation, strategic business files, employee personal information, customer contact databases, supplier and partner communications, commercial contracts, and human resources records containing employee sensitive data.

If WikiLeaks publishes the threatened data, the consequences could extend across multiple stakeholder groups. Exposed employee records may enable targeted phishing and identity fraud.

Customer and partner information could facilitate social engineering attacks and supply chain compromises.

Disclosure of strategic documents may harm competitive positioning and reveal sensitive business operations.

Threat intelligence teams and incident responders will likely begin analyzing any published data to validate authenticity, quantify breach scope, and assess downstream risk to connected individuals and organizations.

Organizations with business relationships to Nike should prepare for potential notification and prepare contingency incident response protocols.

Follow us on Google News , LinkedIn and X to Get More Instant Updates. Set Cyberpress as a Preferred Source in Google.

The post Nike Allegedly Breached by WorldLeaks Ransomware Group in Major Cyberattack appeared first on Cyber Security News.