Nike has initiated an internal cybersecurity investigation after a threat actor group calling itself WorldLeaks claimed it had accessed internal company data and threatened public disclosure.
The claim surfaced after WorldLeaks listed Nike on its leak site, alleging possession of internal information. At the time of reporting, the group has not released sample data publicly, and no independent verification of data exfiltration has been confirmed.
Nike acknowledged awareness of the claim and stated that it is actively reviewing the situation. The company has not confirmed that a breach has occurred and has not disclosed details regarding the nature or scope of the alleged access. No impact on customer-facing systems or services has been publicly reported.
According to cybersecurity researchers tracking the group, WorldLeaks operates using an extortion-based model that focuses on data theft claims rather than widespread system encryption. Organizations targeted by such groups are often listed publicly as a pressure tactic while investigations are ongoing.
As of now, there is no official confirmation regarding what data, if any, was accessed, whether employee or customer information was involved, or whether ransom demands were made. The matter remains under internal and third-party security review.
The incident reflects a broader trend in which large global enterprises are increasingly named by threat actors, even before technical details are fully established. Companies typically assess logs, access controls, and network activity before confirming or denying breach claims.
Nike has not issued further public updates beyond confirming that it is investigating the allegation.