HQ/EMEAFind out how we can help your business
In recent data breach notification letters, Mizuno USA revealed that unidentified threat actors have stolen files from its network from its undetected state from August to October last year.
The affected entity is a subsidiary of Mizuno Corporation, one of the world’s significant athletic goods manufacturers. The attack could have massive implications for various parties that could have suffered from the breach.
In a filing with Maine’s attorney general last week, the corporation detected suspicious activity on its network in November last year. Moreover, its investigation uncovered that unknown hackers had infiltrated multiple parts of its networks and nabbed various files containing personal information from unspecified people.
Mizuno then conducted a thorough assessment of the alleged stolen files to determine which information was included and which individuals were affected. This assessment concluded the next month, and the corporation immediately notified potential victims.
As of now, the confirmed files affected by the breach may include names, Social Security numbers, financial account information, driver’s license information, and passport numbers.
The corporation clarified that the affected people are eligible to acquire its 12-month free credit monitoring and identity protection services and advise on checking their accounts and credit reports for indicators of identity theft and fraud.
The BianLian ransomware group claimed responsibility for the Mizuno USA breach.
Mizuno USA has yet to attribute the recent breach to any known hacker group. However, the BianLian ransomware group have already claimed responsibility for the attack in early November.
It is also worth noting that a ransomware attack also targeted Mizuno USA in February 2022, resulting in extensive company disruptions such as phone outages, order delays, and website difficulties.
The ransomware attackers allege that it has acquired a wide range of sensitive business and consumer information. The stolen data include finance and HR information, contracts and private agreements, trade secrets and patents, mailboxes, and internal and external email exchanges.
Since then, the attackers have updated Mizuno’s entry on their dark web leak site to include a screenshot of a spreadsheet supposedly revealing the company’s expenses after the 2022 ransomware attack.
People potentially affected by this alleged breach should be wary of their digital presence since hackers have allegedly leaked customer data on the dark web. Lastly, be cautious of unsolicited communications, as the hackers may use the stolen emails to conduct social engineering and phishing campaigns.
