Nike Breach Adds to South Korea’s Growing Consumer Data Problem

(Photo=Nike)

South Korea built one of the world’s most digitally connected consumer markets by making nearly every part of daily life available through a smartphone. Shopping, entertainment, payments and deliveries can be handled through platforms that hold extensive information about their users. A data breach at Nike’s Korean operation is now adding to concerns that the security protecting that information has not advanced at the same pace.

Nike Korea, the South Korean subsidiary of the U.S. sportswear company, said it discovered on July 9 that an unauthorized third party had accessed one of its platforms and obtained a limited amount of personal information belonging to some customers.

The company informed affected members on July 15 and said it immediately opened an investigation, secured the affected systems and strengthened its security measures. Nike Korea also brought in cybersecurity specialists and began a forensic review to determine what information was exposed and how many customers were affected.

Those details remain unknown. Nike Korea has not disclosed the number of people involved or identified the specific categories of data obtained by the unauthorized party.

The uncertainty is significant because Nike has a large digital customer base in South Korea. Its app had about 1.21 million monthly active users in the country as of September 2025, according to WiseApp Retail, a South Korean mobile and retail data analysis company. The figure does not represent the confirmed number of affected customers, but it illustrates the scale of the platform through which the company reaches Korean consumers.

Nike Korea warned members to watch for emails, text messages and phone calls that falsely claim to concern orders, refunds or payments. It said communications requesting passwords or authentication codes, or directing customers to install software through a QR code, were not connected to the company.

The breach would ordinarily be treated as a contained problem at one corporate platform. In South Korea, however, it follows other incidents involving companies that serve millions of consumers.

Coupang, South Korea’s largest e-commerce company and a New York Stock Exchange listed business, faced controversy after a former employee was found to have improperly accessed personal information belonging to 33.7 million people. TVING, a major South Korean streaming service operated by entertainment and retail conglomerate CJ Group, later reported that a cyberattack had exposed information including customer names, contact details and identity verification data.

The incidents were different in method and scale. The information currently available does not establish that they resulted from the same security weakness or that South Korea’s digital platforms share a single structural vulnerability. Their succession, however, is increasing scrutiny of how companies collect, store and protect consumer data in a market where digital services are deeply embedded in everyday life.

For multinational companies, the Nike Korea incident also shows that a global brand’s cybersecurity exposure is shaped by the local platforms, databases and operating systems used in each market. A company may maintain worldwide security policies, but a breach involving one national operation can still expose local customers and damage trust in the broader brand.

South Korea’s digital economy has long been defined by convenience and speed. The growing question is whether the companies benefiting from that system can provide security at the same scale.

User_logo_rmbg
Jin Lee

Share:

Facebook
Threads
X
Email
Most view
Latest News
Guru's Pick