Cyber Incident Victim: Mizuno
Date:
Feb 2022
Location:
United States of America
Summary
A major sports equipment and apparel company experienced significant operational disruptions following a ransomware attack targeting its U.S. corporate network. The incident caused widespread system outages, including phone failures, website malfunctions, and delays in order processing and shipping—impacting both direct customers and resellers unable to access business portals. Internal systems were rendered inoperable, preventing staff from retrieving order information or generating shipping labels, with some delays projected to last weeks. The attack coincided with the launch of highly anticipated new products, exacerbating customer frustration due to limited communication channels. The organization declined to publicly disclose details regarding the incident or the responsible threat actors, leaving the ransomware group unidentified. Business operations remained impaired for an extended period, though restoration efforts were reportedly underway.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The ransomware attack on Mizuno's U.S. corporate network occurred over the weekend of February 4-5, 2022, disrupting operations across multiple business functions. Customers first observed system outages on February 8 when corporate phone systems became nonfunctional and the company's U.S. website (mizunousa.com) displayed a banner warning of order delays. Internal systems failures prevented customer service representatives from accessing order information or processing inquiries through the website's contact portal. The attack particularly impacted order fulfillment operations, with Mizuno unable to print shipping labels, resulting in projected delivery delays of up to one month for affected customers. Reseller operations were disrupted through the compromise of Mizuno's 'Direct Connect' B2B ordering platform, preventing retail partners from placing wholesale orders. The incident coincided with the February 3 product launch of Mizuno Pro 221, 223, and 225 golf irons, exacerbating customer frustration as pre-order customers lacked delivery timelines or communication channels.
Technical disruptions persisted for at least one week post-attack, with no public restoration timeline provided by the company. Mizuno maintained complete silence regarding the incident's nature, refusing to acknowledge the ransomware attack in public statements or in responses to direct media inquiries. The operational consequences included paralyzed customer service infrastructure, disabled e-commerce capabilities, and compromised internal communication systems. While the specific ransomware variant remained unidentified, the attack shared temporal proximity with the BlackByte ransomware operation's contemporaneous attack on the San Francisco 49ers. No data breach confirmation or stolen information disclosures were verified during the initial outage period. Business impacts extended beyond direct sales disruptions to affect Mizuno's retail distribution network through the sustained B2B platform outage.