Nike and Under Armour just joined the club nobody wants a membership to: the “ransomware gangs put your name on a dark-web” group. You know, the one that Dior, Harrods, Kering, and Marks & Spencer joined last year. It appears WorldLeaks, an extortion group that loots data from companies, has stolen information from their systems.
If you need more clarity, here’s how it works. A hacking crew breaks into a system, grabs data, then posts your brand on a leak site to crank up pressure. If the company pays, the crooks promise they won’t publish the information. If the company doesn’t pay, the crooks try to embarrass them into compliance by dumping the files online.
In Nike’s case, the WorldLeaks group claims it has stolen data and set a countdown clock for 6 p.m. Saturday, when it promises to release the material publicly if Nike doesn’t meet its demand. While this doesn’t seem like a big deal to most, Nike is taking it very seriously: “We always take consumer privacy and data security very seriously. We are investigating a potential cyber security incident and are actively assessing the situation,” the sportswear brand told Footwear News.
Nobody has confirmed what WorldLeaks actually accessed at Nike. Are they email addresses? Shoe sizes? Items they purchased?
Ransomware hits often involve basics like customer details, names, gender, email address, and birthdate. Sometimes it’s just a lot of junk and useless information. Dell, who was recently listed on WorldLeaks’ site, said in July 2025 that hackers only took synthetic or publicly available info (1.3TB of data) from a product demo platform. So, no big loss there.
Under Armour’s situation looks a little messier, though, mostly because the timeline stretches back to November 2025. The Everest ransomware gang claimed responsibility, and reports floated a number as high as 72 million email addresses. That’s a lot.
A source familiar with the probe pushed back and said a “fraction” of that amount got exposed. Under Armour didn’t shrug it off either: “We are aware of claims that an unauthorized third party obtained certain data. Our investigation of this issue with the assistance of external cybersecurity experts is ongoing. Importantly, at this time, we have no evidence to suggest this issue has affected UA.com or systems used to process payments or store customer passwords,” Under Armour said. “Any implication that sensitive personal information of tens of millions of customers has been compromised is unfounded. The security of our systems and data is a top priority for Under Armour, and we take this issue very seriously.”
There seems to be a major attack on sports brand over the last year. Adidas dealt with a third-party customer service breach in April, too. The North Face also saw credential stuffing a month later.
It’s unclear at this time if Nike or Under Armour will pay the hackers’ fee following the ransomware attacks.
RELATED: NASCAR Driver Tyler Reddick Reveals A Top Secret Camouflage Snakeskin Air Jordan 4
