Nike investigates data breach after extortion gang leaks files

Key Points:

• World Leaks ransomware gang has leaked 1.4 TB of files allegedly stolen from Nike, claiming to have taken nearly 190,000 corporate files.
• The potential impact includes exposure of sensitive business operations data, which could lead to reputational damage and financial loss for Nike.
• Recommended actions include conducting a thorough investigation to assess the legitimacy of the claims, enhancing monitoring for further data leaks, and considering negotiations with the extortion group if necessary.

Technical Details: World Leaks is believed to be a rebrand of Hunters International ransomware, which shifted from file encryption to data theft and extortion. The group has been linked to multiple attacks and exploits, including the use of OVERSTEP rootkit malware.

MITRE ATT&CK Techniques:

• T1071.001 - Application Layer Protocol: Web Protocols (Command and Control)
• T1490 - Inhibit System Recovery (Impact)
• T1583.001 - Acquire Infrastructure: Domain Registration (Initial Access)

IOCs Mentioned: None mentioned