Mizuno USA, a subsidiary of Mizuno Company, one of many world’s largest sporting items producers, confirmed in data breach notification letters that unknown attackers stole information from its community between August and October 2024.
Headquartered in Peachtree Corners, Georgia, Mizuno USA manufactures and distributes golf, working, baseball, volleyball, softball, swimming, and tennis tools, attire, and footwear for North America.
In a Thursday submitting with Maine’s legal professional common, the corporate stated it detected suspicious exercise on its community on November 6, 2024. The investigation discovered that unknown attackers breached a few of its techniques and exfiltrated paperwork containing private info belonging to an undisclosed variety of people.
“The investigation decided that sure techniques throughout the community have been accessed by an unknown particular person and information have been copied with out authorization periodically between August 21, 2024 and October 29, 2024,” Mizuno says in data breach notification letters despatched to impacted folks.
“Mizuno then undertook an in depth assessment of the related information to find out what info was current and to whom it relates. This assessment was accomplished on December 18, 2024, and Mizuno labored as shortly as attainable thereafter to supply this discover to doubtlessly impacted people.”
The data contained within the stolen information varies by impacted particular person, and it might embrace the title, Social Safety quantity, monetary account info, driver’s license info, and passport quantity.
The corporate now provides one 12 months of free credit score monitoring and identification safety companies to these impacted by the data breach and advises them to watch their accounts and credit score stories for indicators of identification theft and fraud.
Breach claimed by BianLian ransomware operation
Whereas Mizuno has not supplied extra info on the breach and hasn’t replied to a number of emails despatched by BleepingComputer asking for extra particulars, the BianLian ransomware gang claimed the assault in early November.
In early February 2022, Mizuno USA was additionally hit by a ransomware assault that brought about widespread enterprise disruption, together with telephone outages, order delays, and web site points.
The ransomware group stated it had stolen a variety of delicate enterprise and buyer information, together with finance and Human Sources information, contracts and confidential agreements, commerce secrets and techniques and patents, mailboxes, and inner and exterior e mail correspondence.
Since then, the attackers have up to date Mizuno’s entry on their darkish net leak web site so as to add the screenshot of a spreadsheet allegedly containing the corporate’s bills following the 2022 ransomware assault and screenshots of different paperwork purportedly stolen from the corporate’s techniques final 12 months.
BianLian has focused non-public firms and significant infrastructure organizations worldwide since June 2022. Beginning January 2023, when Avast launched a free decryptor for its ransomware, the gang switched to extortion-only assaults.
Most just lately, BianLian has added Air Canada, Northern Minerals, and the Boston Youngsters’s Well being Physicians to its listing of victims.
