Nike is investigating what it described as a “potential cyber safety incident” after the World Leaks ransomware gang leaked 1.4 TB of information allegedly stolen from the sportswear big.
“We all the time take client privateness and information safety very significantly,” the corporate informed BleepingComputer in an electronic mail assertion. “We’re investigating a possible cyber safety incident and are actively assessing the state of affairs.”
This comes after the extortion group added Nike to its darkish net data-leak web site, claiming it stole practically 190,000 information containing company information offering data on Nike’s enterprise operations.
Earlier than this text was printed, World Leaks eliminated the Nike entry from its leak, suggesting that it might be negotiating with the corporate or that Nike has already paid a ransom to have the allegedly stolen paperwork eliminated.
Nonetheless, Nike has but to substantiate the extortion gang’s claims of information theft, and BleepingComputer could not independently confirm whether or not the leaked information contained official information.
World Leaks is believed to be a rebrand of the Hunters Worldwide ransomware, following a change from file encryption to information theft and extortion-only assaults in January 2025, citing issues that ransomware operations had been changing into too dangerous and had been now not worthwhile.
Hunters Worldwide emerged in late 2023 and was itself flagged as a potential Hive ransomware rebrand on account of code similarities, after claiming duty for over 280 assaults.
The listing of victims contains the U.S. Marshals Service, the Indian multinational tech big Tata Applied sciences, the Japanese optics big Hoya, the North American car dealership AutoCanada, and the U.S. Navy contractor Austal USA.
Because it surfaced, World Leaks has additionally printed information stolen from dozens of organizations worldwide on its information leak web site.
In July, World Leaks associates had been linked to the breach of one among Dell’s product demonstration platforms and to the exploitation of end-of-life SonicWall SMA 100 gadgets to put in customized OVERSTEP rootkit malware on compromised methods.
As MCP (Mannequin Context Protocol) turns into the usual for connecting LLMs to instruments and information, safety groups are shifting quick to maintain these new providers secure.
This free cheat sheet outlines 7 finest practices you can begin utilizing right now.
