In late January 2026, global sportswear giant Nike disclosed it is investigating a possible data breach after a known ransomware group claimed to have leaked 1.4 terabytes of internal business data. The company confirmed it is reviewing the situation but has not yet provided details on the breach’s scope or whether a ransom was paid.
This incident is part of a broader trend in 2026 where cyberattacks are increasing in volume, complexity, and impact. Several key developments paint a stark picture of the current threat landscape:
Zero‑day exploits are active: Microsoft issued emergency patches for a critical Office zero-day vulnerability (CVE‑2026‑21509) that was already being exploited in the wild, underscoring how attackers are finding and using flaws before defenders can patch them.
State‑linked operations continue: Security researchers linked a destructive malware attack on Polish power infrastructure to the Russian‑associated Sandworm group. While it did not ultimately disrupt service, the operation illustrates how nation‑state actors are targeting critical infrastructure.
Other major breaches are unfolding: Market intelligence firm Crunchbase confirmed a data breach after hacker publications, suggesting that even well‑known tech platforms are not immune to credential theft and data exfiltration.
The Nike incident, zero‑days, and infrastructure attacks reflect a broader cybersecurity trend in 2026: attackers are combining sophisticated technical exploits with large‑scale data theft. Organizations must accelerate patching, implement robust multi‑factor authentication, and monitor systems for unusual access patterns to stay ahead of these evolving threats.