Mizuno USA reports cyberattack, says hackers lurked in its network for two months

Mizuno USA, a subsidiary of Mizuno Corporation and a major sporting goods manufacturer based in Georgia, is reporting a cyberattack and data breach where attackers maintained persistent access to their network for over two months.

The company detected suspicious network activity on November 6, 2024. According to their investigation, unauthorized access to their systems occurred between August 21, 2024, and October 29, 2024, during which attackers periodically exfiltrated sensitive files.

The exposed data includes

• names,
• Social Security numbers,
• financial account details,
• driver's license information,
• passport numbers.

Mizuno USA has not disclosed the number of individuals impacted by this breach. The BianLian ransomware operation has claimed responsibility for this attack. The group has reportedly stolen extensive business and customer data, including financial and HR records, contracts, confidential agreements, trade secrets, patents, and both internal and external email correspondence.

The company has started notifying affected individuals and are offering affected individuals one year of free credit monitoring and identity protection services.