Elizabeth Montalbano, Contributing Writer January 27, 2026 3 Min Read Source: Ken Wolter via Alamy Stock Photo Nike is investigating a potential data breach after the extortion group WorldLeaks claimed to have exfiltrated more than 1.4TB of files belonging to the global sportswear brand and published it on its leak site. In in a post on X over the weekend, threat intelligence organization JustaBreach reported the leak of 188,347 files allegedly stolen from Nike's internal systems. In a statement to Dark Reading, the sportswear company confirmed that it is currently investigating if an incident did indeed occur. "We always take consumer privacy and data security very seriously," Nike said in the statement. "We are investigating a potential cyber security incident and are actively assessing the situation." The company did not specify what actions are being taken as part of the investigation. Meanwhile, JustaBreach claimed that WorldLeaks added Nike to their leak site earlier this week after a ransom deadline expired on Jan. 25 around 6 pm GMT, calling the leak a "full-on data dump" and addressing rumors that cite a third-party breach as the source of the intrusion. WorldLeaks emerged as the successor to the notorious ransomware group Hunters International, which closed its doors last year. "This is a wake-up call for any large brand relying on third-party software/vulnerable supply chains," according to the post. Significant Trove of Nike Files Leaked If the list of files reportedly leaked are indeed from Nike, it's a huge blow to the company's privacy and a significant haul for the threat actor, with the exposure of archives spanning the years 2020 through 2026. Included in the trove of files are assets from Nike's research and development (R&D) and product creation teams, including technical packs, bills of materials (BoMs), prototypes, schematics, and design files. The breach also affected Nike's supply chain and manufacturing divisions, with factory audits, partner information, production processes, workflows, and validations included in the leaked data, according to JustaBreach. WorldLeaks also exposed internal business documents related to strategic presentations, employee trainings, internal videos, and company partnerships, according to the post. So far, there is no evidence that any personally identifiable information (PII) — such as what would be found in emails or payment data — was exposed in the files leaked by the extortion group. WorldLeaks emerged last year as an extortion-only group that focuses on stealing and exposing sensitive data rather than encrying files with ransomware. The files leaked appear to point to an opportunity for "industrial espionage," according to JustaBreach, in and of itself is a threat to Nike, which has been in the process of rebuilding its brand after losing sales and market share to rivals in recent years. Putting over so much sensitive corporate data in the hands of counterfeiters could give them a leg up in closing the quality gap between genuine products and black-market fakes, which would be a significant blow to Nike's legitimate business during a critical time for the company, Justabreach noted. Exposure Risks for Nike, Partners The inclusion of retail pricing strategies and business presentations also could reveal Nike's long-term plans and operational margins to competitors. This exposure in particular demonstrates a rising trend of what experts call "value-chain extortion," which targets a brand's competitive edge rather than consumer data and holds that for ransom. Key business partners and retail chains could also be at risk from the breach, depending on what data is contained in the leak. The exposure of third-party data was a key concern for organizations impated by a wave of Salesforce breaches last summer. Nike rival Adidas and other top brands suffered breaches when two different threat campaigns obtained company data by compromising Salesforce instances. Global fashion brands Chanel and Louis Vuitton as well as high-end jeweler Tiffany Co. also were impacted by the Salesforce breaches, among many others. Indeed, large retail brands are consistent targets for ransomware gangs and other extortion-focused groups, in particular due to the potential for a large payout if a company decides to pay the ransom. About the Author Elizabeth Montalbano, Contributing Writer Elizabeth Montalbano is a freelance writer, journalist, and therapeutic writing mentor with more than 25 years of professional experience. Her areas of expertise include technology, business, and culture. Elizabeth previously lived and worked as a full-time journalist in Phoenix, San Francisco, and New York City; she currently resides in a village on the southwest coast of Portugal. In her free time, she enjoys surfing, hiking with her dogs, traveling, playing music, yoga, and cooking. See more from Elizabeth Montalbano, Contributing Writer