Mizuno USA has confirmed a data breach following claims by the BianLian ransomware group, which listed the company on its leak site and published stolen data. The attack resulted in unauthorized access to Mizuno's network, with sensitive information being exfiltrated over a two-month period in 2024.
Mizuno USA is a subsidiary of Mizuno Corporation, a Japanese sportswear and equipment manufacturer founded in 1906. The company operates globally, producing high-performance athletic gear for baseball, golf, running, and other sports.
The company first detected suspicious activity within its systems on November 6, 2024. It immediately launched an internal investigation and secured its network. Findings revealed that a threat actor had gained access and extracted files from Mizuno's systems between August 21, 2024, and October 29, 2024.
A detailed review of the compromised files concluded on December 18, 2024, confirming that the exposed data included:
- Full names
- Social Security numbers
- Financial account details
- Driver's license information
- Passport numbers
Mizuno began notifying impacted parties on January 30, 2025, and has offered 12 months of complimentary credit monitoring. The company has also provided affected individuals with resources on how to place fraud alerts, freeze their credit, and monitor their financial accounts.
BianLian's claims
The BianLian ransomware group previously took responsibility for the breach, publishing Mizuno USA's name and data samples on its leak site. The group claims to have stolen financial records, HR data, contracts, vendor and partner details, client and customer records, internal email correspondence, trade secrets, patents, and future product design drawings.
BianLian's post suggests that Mizuno may have attempted to negotiate a ransom payment but ultimately did not reach an agreement, though this hasn't been confirmed. The group has threatened to release additional stolen data soon.
In response to the breach, Mizuno says it has taken steps to enhance its security posture and is implementing additional safeguards.
This incident serves as a reminder to enable multi-factor authentication (MFA) to protect online accounts, even those on sportswear e-shops, as that simple measure is enough to prevent hijacks and more extensive exposure in the case of credential compromise. Those who have bought items from Mizuno USA's shop should monitor financial transactions and set up alerts for unusual activity. At this time, the number of impacted individuals remains unknown.